Unrated severityNVD Advisory· Published May 8, 2007· Updated Apr 23, 2026

CVE-2007-0035

Description

Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability."

Affected products

Microsoft/Office5 versions
cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*+ 4 more
- cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
- cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
Microsoft/Works3 versions
cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:works:2004:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:works:2005:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:works:2006:*:*:*:*:*:*:*

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.vupen.com/english/advisories/2007/1709nvdVendor Advisory
www.kb.cert.org/vuls/id/260777nvdUS Government Resource
www.us-cert.gov/cas/techalerts/TA07-128A.htmlnvdUS Government Resource
www.osvdb.org/34387nvd
www.securityfocus.com/archive/1/468871/100/200/threadednvd
www.securityfocus.com/bid/23804nvd
www.securitytracker.com/idnvd
docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024nvd
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1737nvd

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.047
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000