Intrusion Prevention

MS.Word.FKP.Count.Code.Execution

Description

This indicates a possible exploit of a memory manipulation vulnerability in Microsoft Word, that may allow user-assisted remote attackers to execute arbitrary code via a crafted DOC file.

Affected Products

Microsoft Word X for Mac
Microsoft Word 2004 for Mac 0
Microsoft Word 2003 Viewer
Microsoft Word 2003
Microsoft Word 2002 SP3
Microsoft Word 2002 SP2
Microsoft Word 2002 SP1
Microsoft Word 2002
Microsoft Word 2000 Korean Version
Microsoft Word 2000 Japanese Version
Microsoft Word 2000 Chinese Version
Microsoft Word 2000 SR1a
Microsoft Word 2000 SR1
Microsoft Word 2000 SP3
Microsoft Word 2000 SP2
Microsoft Word 2000
Microsoft Office Word 2003 Viewer 0
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2000 SP3
Microsoft Office 2000 SP1

Impact

System Compromise: Remote attackers can gain control of vulnerable systems.

Recommended Actions

Apply the most recent upgrade or patch from the vendor.
https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2007/ms07-014

CVE References

CVE-2006-6561 CVE-2006-6456