   VULNERABILITY NOTES

CERT-In Vulnerability Note CIVN-2006-135
Microsoft Word Remote Code Execution Vulnerability

Original Issue Date: December 28, 2006
Updated: February 14, 2007

Severity Rating: High

Systems Affected

  • Microsoft Word 2000
  • Microsoft Word 2003
  • Microsoft Word X for the Mac
  • Microsoft Word XP
  • Microsoft Word Viewer 2003

Overview

A remote code execution vulnerability has been reported in Microsoft Word that could be exploited by an attacker to take complete control of the vulnerable system.

Description

The vulnerability is caused by a memory corruption error while handling a malformed pointer in a Word document.

An attacker could exploit this vulnerability by creating a specially crafted Word file. The attacker could host a web site containing the specially crafted Word file and persuade the user to visit the web site, typically by getting them to click on a link to it. Opening this crafted Word file could corrupt system memory and allow the attacker to execute arbitrary code.

Workaround

Do not open or save Word files received from untrusted sources or received unexpectedly from trusted sources.

Solution

Apply appropriate patches as mentioned in Microsoft Security Bulletin MS07-014.

References

Internet Security Systems
http://xforce.iss.net/xforce/xfdb/30885

USCERT
http://www.kb.cert.org/vuls/id/996892

CVE Name
CVE-2006-6561

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91-11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003