There is a shared section vulnerability in office products when trying to open an office document with firefox. For example try to open a word document attached in a webmail. firefox.exe process will create a son winword.exe process (it only appears when the process is created with firefox not svchosts). When creating this process a shared section is created called \BaseNameObjects\Mso97SharedDgXXXXXXXX (the number may change I am not sure at the present time). The rights on this shared section are put on "everyone" for delete/synchronise/query/modify. this allows to write arbitrary data and to perform a Dos against ALL Office open applications. I do not manage to know if it is a firefox or Microsoft office vulnerability
