Firefox, when opening Microsoft Word documents, does not properly set the permissions on shared sections, which allows remote attackers to write arbitrary data to open applications in Microsoft Office.
https://exchange.xforce.ibmcloud.com/vulnerabilities/24346