Reported November 11, 2003, by Microsoft.
· Microsoft Works Suite 2004, 2003, and 2002
· Microsoft Word 2002, 2000, 98(J), and 97
· Microsoft Excel 2002, 2000, 97
A newly discovered vulnerability in Microsoft Word and Excel can result in the execution of arbitrary code on the vulnerable system. The vulnerability in Word results from the way Word checks the length of a data value (Macro names) embedded in a document. If a user were to open a specially crafted document, the document could overflow a data value in Word and permit the execution of arbitrary code. The vulnerability in Excel results from the method that Excel uses to check the spreadsheet before reading the macro instructions. To exploit this vulnerability, an attacker could craft a malicious file that would bypass the macro security model.
Microsoft has released security bulletin MS03-050, "Vulnerability in Microsoft Word and Microsoft Excel Could Allow Arbitrary Code to Run (831527)," to address these vulnerabilities and recommends that affected users immediately apply the appropriate patch listed in the bulletin.
Discovered by Kazuyuki Housaka.