CVE-2014-1758

Name of the Vulnerable Software and Affected Versions Microsoft Word version 2003 SP3

Description The issue is related to a stack-based buffer overflow that allows remote attackers to execute arbitrary code via a crafted document. This occurs due to insufficient checking of user input data, which can lead to a buffer overflow, resulting in denial of service or allowing the execution of arbitrary code. A remote code execution issue exists in the way Microsoft Word parses specially crafted files, potentially allowing an attacker to run arbitrary code as the current user. If the current user has administrative rights, an attacker could gain complete control of the affected system, enabling them to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Word 2003 SP3, consider avoiding the use of crafted documents that could trigger the buffer overflow until a patch is available. As a temporary workaround, restrict the opening of files from untrusted sources to minimize the risk of exploitation.