ci risiamo e stavolta è brutta...TITLE:
Microsoft Word Unspecified Code Execution Vulnerability
SECUNIA ADVISORY ID:
SA20153
VERIFY ADVISORY:
http://secunia.com/advisories/20153/
CRITICAL:
Extremely critical
IMPACT:
System access
WHERE:
From remote
SOFTWARE:
Microsoft Office 2003 Professional Edition
http://secunia.com/product/2276/
Microsoft Office 2003 Small Business Edition
http://secunia.com/product/2277/
Microsoft Office 2003 Standard Edition
http://secunia.com/product/2275/
Microsoft Office 2003 Student and Teacher Edition
http://secunia.com/product/2278/
Microsoft Office XP
http://secunia.com/product/23/
Microsoft Word 2002
http://secunia.com/product/2150/
Microsoft Word 2003
http://secunia.com/product/4908/
DESCRIPTION:
A vulnerability has been reported in Microsoft Word, which can be
exploited by malicious people to compromise a user's system.
The vulnerability is caused due to an unspecified error. This can be
exploited to execute arbitrary code.
NOTE: This vulnerability is being actively exploited.
The vulnerability has been reported in Microsoft Word 2002 and
Microsoft Word 2003.
SOLUTION:
Do not open untrusted Office documents.
PROVIDED AND/OR DISCOVERED BY:
This vulnerability has been discovered in the wild as a "Zero-day"
while investigating a system compromise.
OTHER REFERENCES:
SANS:
http://isc.sans.org/diary.php?storyid=1345
----------------------------------------------------------------------
About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.
Subscribe:
http://secunia.com/secunia_security_advisories/
Definitions: (Criticality, Where etc.)
http://secunia.com/about_secunia_advisories/
VVoVe: io ho Open Office
Rispondi quotando
