CVE-2004-0963Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Word

3 documents3 sources
Severity
10.0CRITICALNVD
EPSS
44.1%
top 2.44%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Word
Timeline
PublishedFeb 9
Latest updateApr 29

Description

Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.

CVSS vector

AV:N/AC:L/C:C/I:C/A:CExploitability: 10.0 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/word2002

🔴Vulnerability Details

2
GHSA
GHSA-833j-h6cj-v3r8: Buffer overflow in Microsoft Word 2002 (102022-04-29
CVEList
CVE-2004-0963: Buffer overflow in Microsoft Word 2002 (102004-10-20
CVE-2004-0963 — Microsoft Word vulnerability | cvebase