This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists when loading and unloading the vulnerable control (0002E543-0000-0000-C000-000000000046) and results in transfer of control to unallocated memory. This issue can be exploited to execute arbitrary code under the context of the currently logged in user user.