Juha-Matti Laurio

**Name of the Vulnerable Software and Affected Versions** Microsoft Word versions 2000 through 2003 Microsoft Office version 2003 **Description** The issue allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file, resulting in a malformed stack. This could be exploited when Microsoft Word opens a specially crafted file, which might be included as an e-mail attachment or hosted on a malicious web site. Malware such as Trojan.Mdropper.Q, Mofei, and Femo have been known to exploit this issue. **Recommendations** For Microsoft Word versions 2000 through 2003, update to a version that is not affected by this issue. For Microsoft Office version 2003, update to a version that is not affected by this issue. As a temporary workaround, consider avoiding the use of Microsoft Word to open files from untrusted sources until a patch is available. Restrict access to e-mail attachments and malicious web sites to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Microsoft Excel (affected versions not specified) **Description** A remote code execution issue exists when Excel parses a file and processes a malformed STYLE record, allowing an attacker to potentially exploit this issue. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Firefox version 1.0.3 Description: The issue allows remote attackers to execute arbitrary Javascript in other domains. This is achieved by using an IFRAME and causing the browser to navigate to a previous javascript: URL, which can lead to arbitrary code execution. Recommendations: For Firefox version 1.0.3, update to a newer version to mitigate the risk.

Name of the Vulnerable Software and Affected Versions: Firefox version 1.0.3 Description: The issue allows remote web sites on the browser's whitelist to execute arbitrary Javascript with chrome privileges. This can lead to arbitrary code execution on the system when combined with other vulnerabilities. The exploitation can be demonstrated using a javascript: URL as the package icon and a cross-site scripting (XSS) attack on a vulnerable whitelist site. Recommendations: For Firefox version 1.0.3, consider restricting access to the `install` function until a patch is available. As a temporary workaround, avoid using the `javascript:` URL scheme for package icons to minimize the risk of exploitation.