Microsoft Word 2000 Unspecified Code Execution Exploit (0day)

Feb 05 2007 15:16:26
Source: ace

+ Title: Microsoft Word 2000 Unspecified Code Execution Vulnerability Exploit (0-day)

+ code by xCuter (BongGoo Kang - xcuter@returnaddr.org)

+ Critical: High Critical

+ Impact: MS Word 2000 -> Could Allow Arbitrary Command Execution
MS word 2003 -> Attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service

+ Where: From remote

+ Tested Operating System: Windows XP SP2 FULL PATCHED (Korean Language)

+ Tested Software: Microsoft(R) Word 2000 (9.0.2720)

+ Solution: Not Patched (zero-day)

+ Description:
When a user opens a specially crafted Word file using a malformed string,
it may corrupt system memory in such a way that an attacker could execute arbitrary code
This exploit will be execute command - 'CMD.EXE'

+ Reference : http://www.microsoft.com/technet/security/advisory/932114.mspx - Microsoft Security Advisory (932114)

- http://www.milw0rm.com/sploits/02032007-word2000exp.doc
- http://www.returnaddr.org/exploit/word2000

» full story @ source-link: ace

Comments

Add Comment

You must be registered and logged in to add comments!

Register
Login