CVE-2001-0628 Information

Description

Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros which allows a local attacker to execute arbitrary macros with the user ID of the Word user.

Reference

http://support.microsoft.com/support/kb/articles/Q274/2/28.asp http://www.securityfocus.com/bid/2760 https://exchange.xforce.ibmcloud.com/vulnerabilities/6614