This application requires Javascript for optimal performance.

MS.Word.Font.Parsing.Buffer.Overflow

Release Date Oct 19, 2006
Severity high
Impact System compromise: remote code execution.
Description This indicates an attempt to exploit a buffer overflow vulnerability in Microsoft Word. There is a buffer overflow vulnerability in Microsoft Word that may allow remote attackers to execute arbitrary code in the context of the affected application, via a .doc file with excessively long font information.
Affected Products Microsoft Works Suite 2004 Microsoft Works Suite 2003 Microsoft Works Suite 2002 Microsoft Works Suite 2001 Microsoft Works 2000 Microsoft Office XP SP3 Microsoft Office XP SP2 Microsoft Office XP SP1 Microsoft Office XP Microsoft Office 2000 SP3 Microsoft Office 2000 SP2 Microsoft Office 2000 SP1 Microsoft Office 2000
Recommended Actions Microsoft has released updates to address this vulnerability in supported versions of the affected software. Microsoft Works 2000 * Microsoft Security Update for Word 2000 (KB895333) http://www.microsoft.com/downloads/details.aspx?familyid=CEE0864B-B196 -48F4-A4B9-2ED7FB6D17D2&displaylang=en Microsoft Office XP SP3 * Microsoft Security Update for Word 2002 (KB895589) http://www.microsoft.com/downloads/details.aspx?familyid=A7E7D2C5-1E2A -4FFB-8FC2-B2B217015820&displaylang=en Microsoft Works Suite 2003 * Microsoft Security Update for Word 2002 (KB895589) http://www.microsoft.com/downloads/details.aspx?familyid=A7E7D2C5-1E2A -4FFB-8FC2-B2B217015820&displaylang=en Microsoft Works Suite 2002 * Microsoft Security Update for Word 2002 (KB895589) http://www.microsoft.com/downloads/details.aspx?familyid=A7E7D2C5-1E2A -4FFB-8FC2-B2B217015820&displaylang=en Microsoft Office 2000 SP3 * Microsoft Security Update for Word 2000 (KB895333) http://www.microsoft.com/downloads/details.aspx?familyid=CEE0864B-B196 -48F4-A4B9-2ED7FB6D17D2&displaylang=en Microsoft Works Suite 2001 * Microsoft Security Update for Word 2000 (KB895333) http://www.microsoft.com/downloads/details.aspx?familyid=CEE0864B-B196 -48F4-A4B9-2ED7FB6D17D2&displaylang=en Microsoft Works Suite 2004 * Microsoft Security Update for Word 2002 (KB895589) http://www.microsoft.com/downloads/details.aspx?familyid=A7E7D2C5-1E2A -4FFB-8FC2-B2B217015820&displaylang=en
Coverage IPS VCM
Common Vulnerabilities and Exposures (CVE) CVE-CAN-2005-0564
Reference/s http://www.securityfocus.com/bid/14216 (BugTraq) http://technet.microsoft.com/en-us/security/bulletin/ms05-035.mspx (MS-ID)

Reference: VID-13444

Current Threat Level

Vulnerabilities

Virus/Spyware

Spam

PGP Keys

Contact Form

Copyright © 2012 Fortinet Inc. All Rights Reserved