CVE-2008-4026

Severity

93%

Complexity

86%

Confidentiality

165%

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed value, which triggers memory corruption, aka "Word Memory Corruption Vulnerability."

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed value, which triggers memory corruption, aka "Word Memory Corruption Vulnerability."

CVSS 2.0 Base Score 9.3. CVSS Attack Vector: network. CVSS Attack Complexity: medium. CVSS Vector: (AV:N/AC:M/Au:N/C:C/I:C/A:C).

Overview

Type

Microsoft

First reported 16 years ago

2008-12-10 14:00:00

Last updated 6 years ago

2018-10-30 16:25:00

Affected Software

Microsoft Office 2004 Mac

2004

Microsoft Office 2008 Mac

2008

Microsoft Office Word Viewer 2003

2003

Microsoft Office Word Viewer 2003 SP3

2003

Microsoft Open XML File Format Converter for Mac

Microsoft Works 8.0

8.0

References

1021370

TA08-344A

US Government Resource

ADV-2008-3384

MS08-072

oval:org.mitre.oval:def:5807

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.