SecuriTeam Secure Disclosure
SecuriTeam Secure Disclosure (SSD) provides the support you need to turn your experience uncovering security vulnerabilities into a highly paid career. SSD was designed by researchers for researchers and will give you the fast response and great support you need to make top dollar for your discoveries.
Microsoft Word is a word processor developed by Microsoft. It was first released in 1983 under the name Multi-Tool Word for Xenix systems.
Word 2003/2007 is prone to a remote code execution issue because of a component that allows script execution in the context of the opened document which will run in the context of the local machine security zone of Windows/Internet Explorer. This security zone has relaxed restrictions allowing arbitrary code to be executed using eg. ADO objects such as the ADODB.recordset that is able to create arbitrary files in arbitrary locations in the disk, including of course, the currently logged on user´s startup folder. The file can be an HTML application, and will be run next time Windows boots and the same user that was affected by this vulnerability logs on to Windows.