Vulnerability Description
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Word | 97 |
| Microsoft | Works | 2001 |
References
- http://archives.neohapsis.com/archives/bugtraq/2003-10/0163.htmlVendor Advisory
- http://www.security.nnov.ru/search/document.asp?docid=5243Third Party Advisory
- http://www.securityfocus.com/bid/8835PatchThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-05
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13682Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
- http://archives.neohapsis.com/archives/bugtraq/2003-10/0163.htmlVendor Advisory
- http://www.security.nnov.ru/search/document.asp?docid=5243Third Party Advisory
- http://www.securityfocus.com/bid/8835PatchThird Party AdvisoryVDB Entry
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-05
- https://exchange.xforce.ibmcloud.com/vulnerabilities/13682Third Party AdvisoryVDB Entry
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Third Party Advisory
FAQ
What is CVE-2003-0820?
CVE-2003-0820 is a vulnerability with a CVSS score of 7.5 (HIGH). Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute ...
How severe is CVE-2003-0820?
CVE-2003-0820 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2003-0820?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Word, Microsoft Works.