A
vulnerability has been identified in Microsoft Office, which could be
exploited by attackers to take complete control of an affected system.
This issue is due to a memory corruption error in the Brazilian
Portuguese Grammar Checker that does not perform sufficient data
validation when opening a document and parses the text, which could be
exploited by attackers to execute arbitrary commands by tricking a user
into opening a specially crafted file.
Affected Products
Microsoft Office 2003 Service Pack 2 (Brazilian Portuguese Version)
Microsoft Word 2003
Microsoft Excel 2003
Microsoft Outlook 2003
Microsoft Access 2003
Microsoft OneNote 2003
Microsoft PowerPoint 2003
Microsoft Publisher 2003
Microsoft Access 2003
Microsoft InfoPath 2003
Microsoft FrontPage 2003
Microsoft Visio 2003
Microsoft Visio Enterprise Architects 2003
Microsoft Office Multilingual User Interface 2003 Service Pack 2
Microsoft Project Multilingual User Interface 2003 Service Pack 2
Microsoft Visio Multilingual User Interface 2003 Service Pack 2
Microsoft Office Proofing Tools 2003 Service Pack 2
Solution
Security update for Microsoft Office 2003 Service Pack 2 (Brazilian Portuguese Version) :
http://www.microsoft.com/downloads/details.aspx?familyid=B828BA91-A993-41EC-839C-8995CCFAEC6B
Security update for Microsoft Office Multilingual User Interface 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?familyid=C860DE66-DB1A-489D-8518-42CE468F5965
Security update for Microsoft Project Multilingual User Interface 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?familyid=8F233E5D-1270-4041-9CDD-C3541B7F4B40
Security update for Microsoft Visio Multilingual User Interface 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?familyid=C5A29C81-419C-440B-BF0B-FEC0C0708430
Security update for Microsoft Office Proofing Tools 2003 Service Pack 2 :
http://www.microsoft.com/downloads/details.aspx?familyid=51E9C97A-C35F-45AD-A587-8F08F1D34B7B
