Intrusion Prevention

MS.Word.Malformed.Document.Integer.Buffer.Overflow

Description

It indicates a possible exploit of Remote Buffer Overflow Vulnerability in Microsoft Words and Work suites.


Microsoft Word is most popular application for creating and sharing documents . Multiple vulnerabilities are reported in it that may allow an attacker to cause denial of service or possibly execute arbitrary code on the affected system. This is due to application failure to properly sanitize word document while parsing it. It is exploitable by an offset that triggers an out-of-bounds memory access and a certain value that causes a large memory copy as triggered by an integer conversion error, and other values. A remote attacker could exploit this vulnerability to execute arbitrary code on the affected system with rights of the victim, once the victim opens the document.

Affected Products

Microsoft Word 2003 SP1 , 2002 SP3 , Microsoft Works suite 2004 and respective earlier versions.

Impact

Compromise of the affected system.

Recommended Actions

Apply security patch to the system as given in the Microsoft Security Bulletin MS05-023.

CVE References

CVE-2004-0963

Other References

1