N/A

Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.

N/A

N/A

Microsoft Word文件解析溢出(MS05-023)

Microsoft Word是微软发布的非常流行的办公软件。 Microsoft Word中存在缓冲区溢出漏洞，起因是winword.exe在解析文档文件时缺少数据验证，这样就可能通过修改*.doc文件中的数据触发异常。 成功利用这个漏洞的攻击者可以完全控制受影响的系统，然后攻击者就可以安装程序，浏览，更改或删除数据，或创建拥有完全权限的新帐号。在系统中配置为较少权限的帐号比以管理权限操作用户所受威胁要小。

N/A

N/A