CVE: CVE-2006-3435 (http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-3435)
Date: 10 October 2006
Severity: Critical
Vendor: details/patch (http://www.microsoft.com/technet/security/Bulletin/MS06-058.mspx)
IPS: zdi (http://www.zerodayinitiative.com/advisories/ZDI-06-032.html)
Exploit: not published
Now I am studying Office vulnerabilities. Can you tell me how I analyze a malformed Word or PPT file? I mean, how to get the position where they overflow.
Microsoft Office is a closed source application so you can:
Use a fuzzer or any manual changes; by chance you will trigger something. This is sometimes a good method to find many bugs in a limited period of time, but, day after day, applications are more secure, so you had better debug the application step by step to check when and where you can exactly exploit.
A good demo about step at step debugging can be found on Hoglund website: http://www.hbgary.com/technology.shtml (Demo1)
He uses a debugger to check what send() and recv() carry without the need of a sniffer; for Office files you can do the same, checking what memcpy() copies, for example ;)
But honestly, of the 5 or 6 Office bugs I have discovered so far, only one was of the overflow type; the others weren't documented flaws but rather design mistakes allowing malicious execution, and to find these you had better perfectly understand how to trace the program in a debugger.
Sorry for the late response and good luck in your research =)
Note: I do not specifically advertise HBGary Inspector here; even if it looks like a nice application, you have all that is required with standard debuggers such as OllyDbg, which is free, and IDA Pro, which is not free, but I recommend you buy IDA because it is an unbeatable debugger+disassembler =)