Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Office | Microsoft | 2000 (including) | 2000 (including) |
| Office | Microsoft | 2000-sp1 (including) | 2000-sp1 (including) |
| Office | Microsoft | 2000-sp2 (including) | 2000-sp2 (including) |
| Office | Microsoft | 2000-sp3 (including) | 2000-sp3 (including) |
| Office | Microsoft | 2003 (including) | 2003 (including) |
| Office | Microsoft | 2003-sp1 (including) | 2003-sp1 (including) |
| Office | Microsoft | 2003-sp2 (including) | 2003-sp2 (including) |
| Office | Microsoft | 2003-sp3 (including) | 2003-sp3 (including) |
| Office | Microsoft | xp (including) | xp (including) |
| Office | Microsoft | xp-sp1 (including) | xp-sp1 (including) |
| Office | Microsoft | xp-sp2 (including) | xp-sp2 (including) |
| Office | Microsoft | xp-sp3 (including) | xp-sp3 (including) |