CVE-2014-0258

Name of the Vulnerable Software and Affected Versions Microsoft Word versions 2003 SP3 through 2007 SP3 Office Compatibility Pack version SP3 Word Viewer (affected versions not specified)

Description The issue is related to errors that occur when processing specially crafted files, allowing a remote attacker to execute arbitrary code and gain full control over the system. This can result in the attacker being able to install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Word 2003 SP3, update to a version that is not affected by this issue. For Microsoft Word 2007 SP3, update to a version that is not affected by this issue. For Office Compatibility Pack SP3, update to a version that is not affected by this issue. For Word Viewer, at the moment, there is no information about a newer version that contains a fix for this vulnerability.