(MS01-028) RTF Document Linked to Template Can Run Macros Without Warning

Vulnerability Identifier: CVE-2001-0240

Discovery Date: May 21, 2001

Risk: Critical

Vulnerability Assessment Pattern File: 008

Related Malware: W97M_GOGA.A

Affected Software:

Microsoft Word 2000
Microsoft Word 2001(MAC)
Microsoft Word 97
Microsoft Word 98 (MAC)
Microsoft Word 98(J)

Description:

This vulnerability allows attackers to execute macros without user warning. It is done by linking a Rich Text Format document to a template that contains an embedded macro.

Search for another Security Advisory