CVE-2009-0565

Name of the Vulnerable Software and Affected Versions Microsoft Office Word versions 2000 SP3, 2002 SP3, and 2007 SP1 and SP2 Microsoft Office for Mac versions 2004 and 2008 Open XML File Format Converter for Mac (affected versions not specified) Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions SP1 and SP2

Description A buffer overflow issue allows remote attackers to execute arbitrary code via a Word document with a malformed record that triggers memory corruption. This vulnerability exists in the way that Microsoft Office Word handles a specially crafted Word file, potentially allowing an attacker to take complete control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Word versions 2000 SP3, 2002 SP3, and 2007 SP1 and SP2, update to a version that includes the fix for this issue. For Microsoft Office for Mac versions 2004 and 2008, update to a version that includes the fix for this issue. For Open XML File Format Converter for Mac, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions SP1 and SP2, update to a version that includes the fix for this issue.