MS05-023: Vulnerability in Word May Lead to Code Execution (890169)

This script is Copyright (C) 2005-2013 Tenable Network Security, Inc.


Synopsis :

Arbitrary code can be executed on the remote host through Word.

Description :

The remote host is running a version of Microsoft Word that could allow
arbitrary code to be run.

To succeed, the attacker would have to send a rogue Word file to a user
of the remote computer and have it open it. Then the macros contained
in the Word file would bypass the security model of Word, and would be
executed.

See also :

http://technet.microsoft.com/en-us/security/bulletin/ms05-023

Solution :

Microsoft has released a set of patches for Word 2000, 2002 and
2003.

Risk factor :

High / CVSS Base Score : 9.3
(CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C)
CVSS Temporal Score : 6.9
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Windows : Microsoft Bulletins

Nessus Plugin ID: 18026 ()

Bugtraq ID: 13122
13119

CVE ID: CVE-2004-0963
CVE-2005-0558