CVE Vulnerabilities

CVE-2003-0820

Published: Dec 15, 2003 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
7.5 HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
RedHat/V2
RedHat/V3
Ubuntu

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the Macro names data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

Affected Software

Name Vendor Start Version End Version
Word Microsoft 97 (including) 97 (including)
Word Microsoft 97-sr1 (including) 97-sr1 (including)
Word Microsoft 97-sr2 (including) 97-sr2 (including)
Word Microsoft 98 (including) 98 (including)
Word Microsoft 98-sr1 (including) 98-sr1 (including)
Word Microsoft 98-sr2 (including) 98-sr2 (including)
Word Microsoft 2000 (including) 2000 (including)
Word Microsoft 2000-sp2 (including) 2000-sp2 (including)
Word Microsoft 2000-sp3 (including) 2000-sp3 (including)
Word Microsoft 2000-sr1 (including) 2000-sr1 (including)
Word Microsoft 2000-sr1a (including) 2000-sr1a (including)
Word Microsoft 2002 (including) 2002 (including)
Word Microsoft 2002-sp1 (including) 2002-sp1 (including)
Word Microsoft 2002-sp2 (including) 2002-sp2 (including)
Works Microsoft 2001 (including) 2001 (including)
Works Microsoft 2002 (including) 2002 (including)
Works Microsoft 2003 (including) 2003 (including)
Works Microsoft 2004 (including) 2004 (including)

References