CVE-2003-0820

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

Published: Dec 15, 2003
Updated: Apr 13, 2023
CVE: CVE-2003-0820
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / word	97-sr2	97-sr2.x
microsoft / word	2002-sp1	2002-sp1.x
microsoft / word	2000	2000.x
microsoft / word	2000-sr1a	2000-sr1a.x
microsoft / word	97-sr1	97-sr1.x
microsoft / word	98	98.x
microsoft / works	2001	2001.x
microsoft / word	97	97.x
microsoft / works	2002	2002.x
microsoft / word	2000-sp2	2000-sp2.x
microsoft / word	98-sr2	98-sr2.x
microsoft / word	2002	2002.x
microsoft / word	98-sr1	98-sr1.x
microsoft / word	2000-sp3	2000-sp3.x
microsoft / word	2000-sr1	2000-sr1.x
microsoft / works	2003	2003.x
microsoft / works	2004	2004.x
microsoft / word	2002-sp2	2002-sp2.x

Vulnerability Database

289,599

CVE-2003-0820