CVE-2013-3851

Name of the Vulnerable Software and Affected Versions Microsoft Office versions 2003 SP3 through 2007 SP3 Word versions 2003 SP3 through 2007 SP3 Office Compatibility Pack version SP3 Word Viewer version (affected versions not specified)

Description The issue allows remote attackers to execute arbitrary code or cause a denial of service via a crafted Office document. Remote code execution vulnerabilities exist in the way that affected Microsoft Office software parses specially crafted files. An attacker who successfully exploits these vulnerabilities could take complete control of an affected system, then install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office versions 2003 SP3 through 2007 SP3, update to a version that is not affected by this issue. For Word versions 2003 SP3 through 2007 SP3, update to a version that is not affected by this issue. For Office Compatibility Pack version SP3, update to a version that is not affected by this issue. For Word Viewer, at the moment, there is no information about a newer version that contains a fix for this vulnerability.