MS10-067: Vulnerability in WordPad Text Converters Could Allow Remote Code Execution (2259922)
High Nessus Plugin ID 49225
SynopsisArbitrary code can be executed on the remote host through opening a Microsoft Word file.
DescriptionThe remote host contains a vulnerable version of Microsoft WordPad, Office, or Office Converter Pack. Opening a specially crafted Word 97 file can result in the execution of arbitrary code. A remote attacker could exploit this by tricking a user into opening a malicious Word file.
SolutionMicrosoft has released a set of patches for XP and 2003.