Wenxuan Zheng

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) Microsoft Office Compatibility Pack (affected versions not specified) Microsoft Word (affected versions not specified) **Description** The issue is caused by a buffer overflow in memory, allowing a remote attacker to execute arbitrary code. Exploitation requires a user to open a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad software. If successfully exploited, an attacker could run arbitrary code in the context of the current user, potentially taking control of the affected system, installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights. Users with fewer user rights on the system could be less impacted than those operating with administrative user rights. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.