Microsoft Word 2000 Remote Code-Execution Vulnerability

vendor:

Word

by:

SecurityFocus

9.3

CVSS

HIGH

Remote Code-Execution

119

CWE

Product Name: Word

Affected Version From: Microsoft Word 2000

Affected Version To: Microsoft Word 2003/XP

Patch Exists: Yes

Related CWE: N/A

CPE: a:microsoft:word

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Windows

2005

Microsoft Word 2000 Remote Code-Execution Vulnerability

Microsoft Word 2000 is prone to a remote code-execution vulnerability. Exploit attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service for legitimate users.

Mitigation:

Upgrade to the latest version of Microsoft Word

Source

Exploit-DB raw data:

source: https://www.securityfocus.com/bid/22225/info

Microsoft Word 2000 is prone to a remote code-execution vulnerability.

Microsoft Word 2000 is confirmed vulnerable to a remote code-execution issue. Exploit attempts against Word 2003/XP will consume all CPU resources and will cause a denial of service for legitimate users.

Note that this issue is distinct from issues described in BID 21589 (Microsoft Word Code Execution Vulnerability), BID 21451 (Microsoft Word Malformed String Remote Code Execution Vulnerability), and BID 21518 (Microsoft Word Malformed Data Structures Code Execution Vulnerability). 

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/29524.doc