Description
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.
Product(s):
- Microsoft Word 2000
- Microsoft Word 2000 Japanese
- Microsoft Word 2000 Korean
- Microsoft Word 2000 Chinese
- Microsoft Word 2000 sp2
- Microsoft Word 2000 sp3
- Microsoft Word 2000 sr1
- Microsoft Word 2000 sr1a
- Microsoft Word 2000 sr2
- Microsoft Word 2002
- Microsoft Word 2002 sp1
- Microsoft Word 2002 sp2
- Microsoft Word 2002 Service Pack 3
- Microsoft Word 97
- Microsoft Word 97 Japanese
- Microsoft Word 97 Korean
- Microsoft Word 97 Chinese
- Microsoft Word 97 sr1
- Microsoft Word 97 sr2
- Microsoft Word 98
- Microsoft Word 98 for Mac OS X
- Microsoft Word 98 Japanese
- Microsoft Word 98 Korean
- Microsoft Word 98 Chinese
- Microsoft Word 98 SR1
- Microsoft Word 98 1 sr1 Japanese
- Microsoft word_macos 98 sr1
- Microsoft Word 98 SR2
- Microsoft Word 98 sr2 Japanese
- Microsoft word_macos 98 sr2
- Microsoft works_suite 2001
- Microsoft works_suite 2002
- Microsoft works_suite 2003
Question to Ask Vendors:
- Can you confirm whether your systems are affected by CVE-2003-0664, and if so, what steps are you currently taking to mitigate this vulnerability?
- What is your estimated timeline for fully resolving CVE-2003-0664 in your products or services, and how will you communicate updates on this issue to us as your customer?
Recommended Actions:
- Check out the advisory links provided below.