Intrusion Prevention

MS.Word.Malformed.String.Code.Execution

Description

It indicates a possible exploit of a memory corruption vulnerability in Microsoft Word, that may allow remote attackers to execute arbitrary code via a Word document containing a malformed string.

Affected Products

Microsoft Works Suite 2006 0
Microsoft Works Suite 2005 0
Microsoft Works Suite 2004
Microsoft Word X for Mac
Microsoft Word 2004 for Mac 0
Microsoft Word 2003 Viewer
Microsoft Word 2003
Microsoft Word 2002 SP3
Microsoft Word 2002 SP2
Microsoft Word 2002 SP1
Microsoft Word 2002
Microsoft Word 2000 Korean Version
Microsoft Word 2000 Japanese Version
Microsoft Word 2000 Chinese Version
Microsoft Word 2000 SR1a
Microsoft Word 2000 SR1
Microsoft Word 2000 SP3
Microsoft Word 2000 SP2
Microsoft Word 2000
Microsoft Office XP SP3
Microsoft Office XP SP2
Microsoft Office XP SP1
Microsoft Office XP
Microsoft Office X for Mac 0
Microsoft Office Word 2003 Viewer 0
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2000 SP3
Microsoft Office 2000 SP1

Impact

Execute arbitrary code in the context of affected application.

Recommended Actions

Currently we are not aware of any vendor-supplied patches for this issue.

CVE References

CVE-2006-5994