CVE-2006-6456

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2000 through 2003 Microsoft Word Viewer version 2003

Description The issue is related to a remote code execution vulnerability in the way Microsoft Word handles Word files with a specially crafted data structure. This could allow attackers to execute code via malformed data structures that trigger memory corruption. A specially crafted file might be included as an e-mail attachment or hosted on a malicious Web site, and an attacker could exploit the vulnerability by constructing such a file.

Recommendations For Microsoft Word versions 2000 through 2003, update to a version that is not affected by this issue. For Microsoft Word Viewer version 2003, consider avoiding the use of this version until a patch or update is available that addresses the vulnerability. As a temporary workaround, consider restricting the opening of Word files from untrusted sources to minimize the risk of exploitation.