CVE-2003-0820

high Microsoft
CVSS v3 Base Score
7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
17.5%
Exploitation probability in 30 days
Top 5% most likely to be exploited
Attack Characteristics
Attack Vector
Network
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: December 15, 2003 (8186 days ago)
Last Modified: April 16, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

CWE

NVD-CWE-Other

Affected Products

microsoft wordmicrosoft works

References

🔗 archives.neohapsis.com 🔗 www.security.nnov.ru 🔗 www.securityfocus.com 🔗 docs.microsoft.com 🔗 exchange.xforce.ibmcloud.com