Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.

More... (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2008-2244)