Alias(es)MS.Word.FKP.Count.Code.Execution.B, MS.Word.FKP.Count.Code.Execution.SMTP |
Release DateDec 14, 2006 |
Severitycritical |
ImpactArbitrary code execution in the context of affected application. |
DescriptionThis indicates a possible exploit of a memory manipulation vulnerability in Microsoft Word, that may allow user-assisted remote attackers to execute arbitrary code via a crafted DOC file. |
Affected ProductsMicrosoft Word X for MacMicrosoft Word 2004 for Mac 0 Microsoft Word 2003 Viewer Microsoft Word 2003 Microsoft Word 2002 SP3 Microsoft Word 2002 SP2 Microsoft Word 2002 SP1 Microsoft Word 2002 Microsoft Word 2000 Korean Version Microsoft Word 2000 Japanese Version Microsoft Word 2000 Chinese Version Microsoft Word 2000 SR1a Microsoft Word 2000 SR1 Microsoft Word 2000 SP3 Microsoft Word 2000 SP2 Microsoft Word 2000 Microsoft Office Word 2003 Viewer 0 Microsoft Office 2003 SP3 Microsoft Office 2003 SP2 Microsoft Office 2003 SP1 Microsoft Office 2000 SP3 Microsoft Office 2000 SP1 |
Recommended ActionsMicrosoft Security Update for Word 2002 (KB929061)Microsoft Security Update for Word 2000 (KB929139) Microsoft Security Update for Word 2003 (KB929057) Microsoft Security Update for Word Viewer 2003 (KB924883) |
Coverage IPS
VCM |
Common Vulnerabilities and Exposures (CVE)CVE-2006-6561 |
Reference/shttp://www.milw0rm.com/sploits/12122006-djtest.dochttp://technet.microsoft.com/en-us/security/bulletin/MS07-014.mspx (MS-ID) http://www.milw0rm.com/exploits/2922 http://www.frsirt.com/english/advisories/2006/4997 (FrSIRT) http://www.securityfocus.com/bid/21589 (BugTraq) |
