CVE-2003-0820

CVE Database · CVE-2003-0820

CVE-2003-0820

· N/AModified

CVSS v3.1

N/A

EPSS

25.73%

Published

Dec 15, 2003

Modified

Apr 15, 2026

Public PoC / Exploit

All weaponized →

No public PoC or exploit code indexed for this CVE.

Links to public security research (Exploit-DB, Nuclei, Trickest, GitHub) for defensive use only.

Description

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

Affected Products (27)

microsoft · wordvulnerable

References (18)

http://archives.neohapsis.com/archives/bugtraq/2003-10/0163.html

Vendor Advisory

http://www.security.nnov.ru/search/document.asp?docid=5243

Third Party Advisory

http://www.securityfocus.com/bid/8835

PatchThird Party AdvisoryVDB Entry

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-050

https://exchange.xforce.ibmcloud.com/vulnerabilities/13682

Third Party AdvisoryVDB Entry

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A336

Third Party Advisory

KEV Catalog EPSS Scores Vendors All CVEs