   VULNERABILITY NOTES

CERT-In Vulnerability Note CIVN-2006-40
Microsoft Word Unspecified Code Execution Vulnerability

Original Issue Date: May 21, 2006
Updated: June 14, 2006

Severity Rating: High

Applications Affected

  • Microsoft Office XP
  • Microsoft Word 2003
  • Microsoft Word 2002

Overview

A vulnerability has been reported in Microsoft Word that could be exploited by an attacker to execute arbitrary code and take complete control of the vulnerable system.

Description

This vulnerability is caused by an unchecked buffer, which allows a buffer overflow while processing malformed documents.

An attacker could exploit this vulnerability by convincing a user to open a specially crafted Word document, including documents hosted on web sites or attached to email messages, to inject and execute arbitrary code with the privileges of the user running Microsoft Word. The attacker could take complete control of the system if the user is running Microsoft Word with administrator privileges.

Workaround

  • Do not open untrusted Word documents.
  • Do not rely on filename extension filtering.
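
The second workaround can be put into practice at a mail or web gateway by classifying files on content instead of name. The following is an added example, not part of the CERT-In note: it assumes the Word 97-2003 binary format (an OLE2 compound file holding a WordDocument stream), and its function names and sample file are constructed for illustration.

```python
import struct

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # Compound File Binary signature
MAX_REGULAR = 0xFFFFFFFA                        # sector ids above this are markers

def ole_entry_names(data: bytes) -> list:
    """Directory entry names of an OLE2 container; [] if the bytes are not OLE2."""
    if len(data) < 512 or data[:8] != OLE2_MAGIC:
        return []
    size = 1 << struct.unpack_from("<H", data, 30)[0]
    if size not in (512, 4096):
        return []
    sector = lambda n: data[(n + 1) * size:(n + 2) * size]
    fat = []
    for n in struct.unpack_from("<109I", data, 76):  # header DIFAT lists FAT sectors
        if n > MAX_REGULAR or len(sector(n)) != size:
            break
        fat += struct.unpack(f"<{size // 4}I", sector(n))
    names, seen = [], set()
    n = struct.unpack_from("<I", data, 48)[0]        # first directory sector
    while n < len(fat) and n not in seen:            # 'seen' stops looped chains
        seen.add(n)
        sec = sector(n)
        for off in range(0, len(sec) - 127, 128):    # 128-byte directory entries
            nlen, kind = struct.unpack_from("<HB", sec, off + 64)
            if kind and 2 <= nlen <= 64:
                names.append(sec[off:off + nlen - 2].decode("utf-16-le", "replace"))
        n = fat[n]
    return names

def looks_like_word_binary(data: bytes) -> bool:
    """True when the content is an OLE2 container with a WordDocument stream."""
    return "WordDocument" in ole_entry_names(data)

def build_sample() -> bytes:
    """Constructed minimal OLE2 file: header, one FAT sector, one directory sector."""
    hdr = bytearray(512)
    hdr[:8] = OLE2_MAGIC
    struct.pack_into("<H", hdr, 30, 9)               # 2**9 = 512-byte sectors
    struct.pack_into("<I", hdr, 48, 1)               # directory starts in sector 1
    struct.pack_into("<109I", hdr, 76, 0, *[0xFFFFFFFF] * 108)  # FAT is sector 0
    fat = struct.pack("<128I", 0xFFFFFFFD, 0xFFFFFFFE, *[0xFFFFFFFF] * 126)
    def entry(name, kind):
        raw = name.encode("utf-16-le") + b"\0\0"
        return raw.ljust(64, b"\0") + struct.pack("<HB", len(raw), kind) + bytes(61)
    return bytes(hdr) + fat + (entry("Root Entry", 5) + entry("WordDocument", 2)).ljust(512, b"\0")

if __name__ == "__main__":
    for fname in ("report.doc", "notes.txt", "invoice"):   # same bytes, any name
        print(fname, looks_like_word_binary(build_sample()))
```

A match identifies the file type only; it does not indicate whether the document is malformed.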

Solution

Apply the appropriate patch as mentioned in Microsoft Security Bulletin MS06-027.

References

US-CERT
http://www.kb.cert.org/vuls/id/446012

SANS
http://isc.sans.org/diary.php?storyid=1345

Secunia
http://secunia.com/advisories/20153/

FrSIRT
http://www.frsirt.com/english/advisories/2006/1872

CVE Name

CVE-2006-2492

Disclaimer

The information provided herein is on "as is" basis, without warranty of any kind.

Contact Information


Phone: +91 11-24368572

Postal address

Indian Computer Emergency Response Team (CERT-In)
Ministry of Communications and Information Technology
Electronics Niketan
6, C.G.O. Complex
New Delhi-110 003