118679 : MS05-035: Vulnerability In Word May Lead To Code Execution (903672)

Risk 4 : Microsoft Bulletins

The remote host is running a version of Microsoft Word which is subject to a flaw which may allow arbitrary code to be run.

An attacker may use this to execute arbitrary code on this host.

To succeed, the attacker would have to send a rogue word file to a user of the remote computer and have it open it. Then a bug in the font parsing handler would result in code execution.


Microsoft has released a set of patches for Word 2000 and XP :
CVSS Information:
Complete Confidentiality Impact, Complete Integrity Impact, Complete Availability Impact
Tenable : 2009-12-04
New Search
Risk Factor
Start Date
End Date