Microsoft Word 97 / 2000 Mail Merge Code Execution Vulnerability

* There have been reports that the provided patches limit exploitation through dotted UNC paths only. Exploitation through files placed in a known local location may still be possible.

A Word 97 patch has been reported to be available as Microsoft KB Article Q272749.

Microsoft has released the following patches which eliminate the vulnerability:

Microsoft Word 2000


Privacy Statement
Copyright 2010, SecurityFocus