CVE-2006-3493

Name of the Vulnerable Software and Affected Versions Microsoft Office versions prior to the fixed version

Description A buffer overflow issue exists in the LsCreateLine function, affecting Microsoft Word and possibly other products in Microsoft Office. This issue can be exploited by remote user-assisted attackers via a crafted Word DOC or other Office file type, leading to a denial of service (crash). Initially, it was reported that this issue could allow code execution, but Microsoft and the original researcher later confirmed that code execution is not possible.

Recommendations For Microsoft Office versions prior to the fixed version, update to the fixed version to resolve the issue. As a temporary workaround, consider avoiding the use of crafted Word DOC or other Office file types that could trigger the buffer overflow in the LsCreateLine function.