# Exploit Title: Word 2003 SP2 .doc fork bomb on WinXP SP3 # Exploit Author: absane # Blog: http://blog.noobroot.com # Discovery date: November 8th 2003 # Vendor Homepage: http://www.microsoft.com # Tested on: Windows XP SP3 & Word 2003 SP2 (11.6568.6568) ****************** * Vulnerability * ****************** A malformed .doc file with an embedded image causes a fork bomb in Word 2003 SP2 on Windows XP SP3 by comsuming 99% - 100% of the CPU cycles which can only be ended by teminating the process. ****************** *Proof of Concept* ****************** http://www.noobroot.com/exploits/word2003forkbomb.doc ****************** * Mitigation * ****************** The vulnerability does not appear to affect Office 2010+ and any other versions of Windows. Upgrade to Windows 7 or higher and/or upgrade to Office 2010 or higher.
