CVE-2010-1903

Name of the Vulnerable Software and Affected Versions Microsoft Office Word versions 2002 SP3 through 2003 SP3 Office Word Viewer (affected versions not specified) Microsoft Office Word 2007 (affected versions not specified)

Description A remote code execution issue exists in the way Microsoft Office Word handles specially crafted Word files with malformed records. This could allow an attacker to execute arbitrary code or cause a denial of service due to memory corruption. An attacker who successfully exploits this issue could gain complete control of an affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights. The impact may be less severe for users with limited user rights compared to those operating with administrative rights.

Recommendations For Microsoft Office Word versions 2002 SP3 through 2003 SP3, update to a version that is not affected by this issue. For Office Word Viewer, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft Office Word 2007, at the moment, there is no information about a newer version that contains a fix for this vulnerability.