
CERT Coordination Center

Microsoft Office uninitialized object pointer vulnerability

Vulnerability Note VU#909022

Original Release Date: 2011-09-13 | Last Revised: 2012-03-28


Microsoft Office fails to properly handle certain Word documents, which may allow a remote, unauthenticated attacker to execute arbitrary code.


Code in the MSO.dll component of Microsoft Office 2003, 2007, and 2010 fails to properly initialize an object pointer when loading binary (Word 97-2003 format) Word documents.


By convincing a user to open a specially crafted Office document, an attacker may be able to execute arbitrary code.


Apply an update

This issue is addressed in Microsoft Security Bulletin MS11-073.

Block Office 2003 and earlier documents from untrusted sources

Microsoft Security Bulletin MS11-073 details how to use the Microsoft Office File Block policy to prevent specific file format types from being opened in Microsoft Office.
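As a complement to File Block, a mail gateway or triage script can identify Word 97-2003 binary documents by content rather than by file extension. The sketch below is an added example, not code from CERT/CC or Microsoft. It parses the OLE compound file header and directory and looks for the `WordDocument` stream that the binary Word format uses for its main stream. The function names and the sample file are constructed for illustration.

```python
import struct

CFB_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")   # OLE compound file signature
END_OF_CHAIN, FREE = 0xFFFFFFFE, 0xFFFFFFFF

def cfb_entry_names(data):
    """Directory entry names of an OLE compound file, or None if data is not one."""
    if len(data) < 512 or data[:8] != CFB_MAGIC or data[30:32] not in (b"\x09\0", b"\x0c\0"):
        return None
    size = 1 << data[30]                                    # sector shift: 512 or 4096 bytes
    sector = lambda n: data[(n + 1) * size:(n + 2) * size]  # sector 0 follows the header
    fat = []                                                # header DIFAT only (files up to ~6.8 MB)
    for fat_sec in struct.unpack_from("<109I", data, 76):
        if fat_sec == FREE:
            break
        raw = sector(fat_sec)
        fat.extend(struct.unpack("<%dI" % (len(raw) // 4), raw[:len(raw) // 4 * 4]))
    names, seen = [], set()
    sec = struct.unpack_from("<I", data, 48)[0]             # first directory sector
    while sec < len(fat) and sec not in seen:               # 'seen' stops looped chains
        seen.add(sec)
        raw = sector(sec)
        for off in range(0, len(raw) - 127, 128):           # 128-byte directory entries
            name_len = struct.unpack_from("<H", raw, off + 64)[0]
            if raw[off + 66] in (1, 2, 5) and 2 <= name_len <= 64:
                names.append(raw[off:off + name_len - 2].decode("utf-16-le", "replace"))
        sec = fat[sec]
    return names

def classify(data):
    names = cfb_entry_names(data)
    if names is None:
        return "zip-container" if data[:4] == b"PK\x03\x04" else "other"
    return "word-binary" if "WordDocument" in names else "ole-other"

def constructed_sample(stream_name):
    """Constructed minimal compound file: one FAT sector, one directory sector."""
    hdr = bytearray(CFB_MAGIC.ljust(512, b"\0"))
    struct.pack_into("<HHHH", hdr, 24, 0x3E, 3, 0xFFFE, 9)  # versions, byte order, sector shift
    struct.pack_into("<II", hdr, 44, 1, 1)                  # 1 FAT sector; directory at sector 1
    struct.pack_into("<109I", hdr, 76, 0, *([FREE] * 108))  # FAT lives in sector 0
    fat = struct.pack("<128I", 0xFFFFFFFD, END_OF_CHAIN, *([FREE] * 126))
    def entry(name, kind):
        raw = name.encode("utf-16-le") + b"\0\0"
        return raw.ljust(64, b"\0") + struct.pack("<HB", len(raw), kind) + bytes(61)
    return bytes(hdr) + fat + entry("Root Entry", 5) + entry(stream_name, 2) + bytes(256)

if __name__ == "__main__":
    print(classify(constructed_sample("WordDocument")))
```

A file labelled `ole-other` is still a compound file that could not be confirmed as Word (for example a truncated file or one larger than the header DIFAT covers), so a gateway that blocks `word-binary` may want to quarantine those for review as well.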

Vendor Information


Microsoft Corporation Affected

Notified: November 30, 2010 | Updated: September 13, 2011

Statement Date: August 29, 2011



Vendor Statement

We have not received a statement from the vendor.

Vendor Information

Please see Microsoft Security Bulletin MS11-073 for additional details.

Vendor References

CVSS Metrics

Group          Score  Vector
Base           9      AV:N/AC:M/Au:N/C:C/I:C/A:P
Temporal       7      E:POC/RL:OF/RC:C
Environmental  7      CDP:ND/TD:ND/CR:ND/IR:ND/AR:ND



This issue was reported by David Warren.

This document was written by David Warren.

Other Information

CVE IDs: CVE-2011-1982
Severity Metric: 1.62
Date Public: 2011-09-13
Date First Published: 2011-09-13
Date Last Updated: 2012-03-28 15:13 UTC
Document Revision: 25

Sponsored by CISA.