CVE-2007-0035

Name of the Vulnerable Software and Affected Versions Microsoft Word versions in Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006

Description The issue arises from the improper handling of data within a certain array by Microsoft Word, allowing user-assisted remote attackers to execute arbitrary code. This can be exploited through a specially crafted Word file, potentially included as an email attachment or hosted on a malicious website, leading to remote code execution.

Recommendations For Microsoft Word in Office 2000 SP3, update to a version that properly handles array data to prevent code execution. For Microsoft Word in Office XP SP3, apply the necessary patch to fix the array handling issue. For Microsoft Word in Office 2003 SP2, ensure that all security updates are applied to mitigate the risk of remote code execution. For Microsoft Word 2004 for Mac, and Works Suite 2004, 2005, and 2006, apply the relevant security fixes to address the array overflow issue.