Microsoft Word 97 / 2000 Mail Merge Code Execution Vulnerability

Solution:
* There have been reports that the provided patches limit exploitation through dotted UNC paths only. Exploitation through files placed in a known local location may still be possible.

A Word 97 patch has been reported to be available as Microsoft KB Article Q272749.

Microsoft has released the following patches which eliminate the vulnerability:


Microsoft Word 2000


 

Privacy Statement
Copyright 2010, SecurityFocus