CVE-2005-0564 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Microsoft Word

2 documents2 sources

Severity

7.5HIGHNVD

EPSS

33.7%

top 3.04%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Word

Timeline

PublishedJul 12

Latest updateMay 1

Description

Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

▶NVDmicrosoft/word2000, 2002+1

Patches

Patch: www.idefense.com ↗Patch: www.idefense.com ↗

🔴Vulnerability Details

GHSA

GHSA-87h8-h6wc-7xhj: Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execut↗2022-05-01

▶