TITLE:
Microsoft Word Unspecified Code Execution Vulnerability

SECUNIA ADVISORY ID:
SA20153

VERIFY ADVISORY:
http://secunia.com/advisories/20153/

CRITICAL:
Extremely critical

IMPACT:
System access

WHERE:
From remote

SOFTWARE:
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft Office XP
http://secunia.com/product/23/
Microsoft Word 2002
http://secunia.com/product/2150/
Microsoft Word 2003
http://secunia.com/product/4908/

DESCRIPTION:
A vulnerability has been reported in Microsoft Word, which can be
exploited by malicious people to compromise a user's system.

The vulnerability is caused due to an unspecified error. This can be
exploited to execute arbitrary code.

NOTE: This vulnerability is being actively exploited.

The vulnerability has been reported in Microsoft Word 2002 and
Microsoft Word 2003.

SOLUTION:
Do not open untrusted Office documents.

PROVIDED AND/OR DISCOVERED BY:
This vulnerability has been discovered in the wild as a "Zero-day"
while investigating a system compromise.

OTHER REFERENCES:
SANS:
http://isc.sans.org/diary.php?storyid=1345

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/

ci risiamo e stavolta è brutta... VVoVe: io ho Open Office