Vulnerabilities

Microsoft Office Word 2000 remote vulnerability (PC1-2009-1564)

Vulnerability chart	Risk level Low Medium High Extreme Severe Warning: security vulnerability level = severe 88 vulnerabilities(-y) found between 11 August, 2000 and 10 June, 2009. Microsoft Word is known as Microsoft's word processing software.It allows... more See also: Office Word, Word XP, Word 99 files found: macrode.exe, winword.exe, MSD.EXE, wordart.exe, graph.exe, olecli.dll, imwpg.dll, imdrw.dll, thes.dll, hyph.dll, imhgl.dll, cgi_gdi.dll, imwmf.dll, fontfx.dll, grammar.dll... more A buffer overflow vulnerability has been located and discovered in Microsoft Office Word,2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2.
Unknown vulnerability Unknown patch availability Patch implementation unknown

Description:	A buffer overflow vulnerability has been located in Microsoft Office Word,2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2.Malicious attackers may be able to execute arbitrary code.
Impact:	Exploitability Execution of abitrary code. Remote access.
Solution:	Apply the latest patches.
References:	http://www.microsoft.com/technet/security/Bulletin/MS09-027.mspx

CVSS Severity		CVSS Version 2 Metrics:
CVSS v2 Base Score:	9.3 (HIGH)	Access Vector:	N/A
Impact Subscore:	10.0	Access Complexity:	Medium
Exploitability Subscore:	8.6	Authentication:	Not required to exploit
		Impact Type:	Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service