• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

Microsoft Word Malformed Data Structures Code Execution Vulnerability

Microsoft Word is prone to a remote code-execution vulnerability.

An attacker could exploit this issue by enticing a victim to open a malicious Word file. If the attack is successful, the attacker may be able to execute arbitrary code in the context of the currently logged-in user.

This issue is being actively exploited in the wild in limited targeted attacks.

Note that this issue is distinct from BID 21451 (Microsoft Word Malformed String Arbitrary Remote Code Execution Vulnerability).

Update - February 1, 2007: A new variant of this issue has been detected in the wild. Please see the references for more information about this variant, which is referred to as Trojan.Mdropper.X. Note that Trojan.Mdropper.X was previously thought to be targeting a new vulnerability that was described in BID 22328 (Microsoft Word 2003 Unspecified Code Execution Vulnerability). However, further analysis and reports have revealed that it is not distinct from this vulnerability. BID 22328 has been retired.