| VID |
26149 |
| Severity |
40 |
| Port |
139,445 |
| Protocol |
TCP |
| Class |
SMB |
| Detailed Description |
The hotfix (903672) for 'Vulnerability in Microsoft Word' has not been applied. This update resolves two newly-discovered vulnerabilities in Microsoft Word that could allow an attacker to run arbitrary code on a user's system. Microsoft Word 2000, 2002 and Microsoft Works Suite 2000, 2001, 2002, 2003, and 2004 are vulnerable to a stack-based buffer overflow vulnerability when processing fonts. This could result in execution of arbitrary code in the context of a user who opens the malicious document. Internet Explorer is a likely attack vector as Word may be opened to handle the document when the user clicks a link. If a user is logged on with administrative privileges, an attacker who successfully exploited this vulnerability could take complete control of an affected system.
* Note: This check requires an account with administrative privileges which can log into the host to scan. Absence of these condition will result in the check not being performed and a False Negative for all vulnerable hosts.
* References:
http://www.microsoft.com/technet/security/bulletin/ms05-035.mspx
* Affected Platforms:
Microsoft Word 2000
Microsoft Word 2002
Microsoft Works Suite 2000, 2001, 2002, 2003, and 2004
Microsoft Windows Any version |
| Recommendation |
Apply the appropriate patch for your system, as listed in the Microsoft Security Bulletin MS05-035 at http://www.microsoft.com/technet/security/Bulletin/MS05-035.mspx |
| Related URL |
CVE-2004-0963,CVE-2005-0558 (CVE) |
| Related URL |
13119,13122 (SecurityFocus) |
| Related URL |
17635 (ISS) |
|
