CVE-2007-1202

N/A Unknown
Published: May 08, 2007 Modified: April 23, 2026
View on NVD

Description

Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability."

AI Explanation

Get an AI-powered plain-language explanation of this vulnerability and remediation steps.

Login to generate AI explanation

References to Advisories, Solutions, and Tools

Patch Vendor Advisory Exploit Third Party Advisory
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=525
Source: secure@microsoft.com
Patch
http://www.kb.cert.org/vuls/id/555489
Source: secure@microsoft.com
US Government Resource
http://www.osvdb.org/34388
Source: secure@microsoft.com
http://www.securityfocus.com/archive/1/468871/100/200/threaded
Source: secure@microsoft.com
http://www.securityfocus.com/bid/23836
Source: secure@microsoft.com
Patch
http://www.securitytracker.com/id?1018013
Source: secure@microsoft.com
Patch
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Source: secure@microsoft.com
US Government Resource
http://www.vupen.com/english/advisories/2007/1709
Source: secure@microsoft.com
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
Source: secure@microsoft.com
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1900
Source: secure@microsoft.com
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=525
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.kb.cert.org/vuls/id/555489
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.osvdb.org/34388
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/archive/1/468871/100/200/threaded
Source: af854a3a-2127-422b-91ae-364da2661108
http://www.securityfocus.com/bid/23836
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.securitytracker.com/id?1018013
Source: af854a3a-2127-422b-91ae-364da2661108
Patch
http://www.us-cert.gov/cas/techalerts/TA07-128A.html
Source: af854a3a-2127-422b-91ae-364da2661108
US Government Resource
http://www.vupen.com/english/advisories/2007/1709
Source: af854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024
Source: af854a3a-2127-422b-91ae-364da2661108
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1900
Source: af854a3a-2127-422b-91ae-364da2661108

20 reference(s) from NVD

Quick Stats

CVSS v3 Score
N/A / 10.0
EPSS (Exploit Probability)
64.0%
98th percentile
Exploitation Status
Not in CISA KEV

Weaknesses (CWE)

CWE-20

Affected Vendors

microsoft

Related CVEs

CVE-2026-8657 8.2
CVE-2026-8656 6.1
CVE-2026-8681 5.3
CVE-2026-8704 N/A
CVE-2026-8700 N/A