Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0109

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0109
Last Modified 10 Mar 2011 12:00:00
Published 12 Feb 2008 06:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0109

Summary

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.

Vulnerable Systems

Application

  • Microsoft Office 2000

  • Microsoft Office 2003

  • Microsoft Office Xp

  • Microsoft Word


References

CERT - TA08-043C

CERT-VN - VU#692417

MS - MS08-009

VUPEN - ADV-2008-0511

SECTRACK - 1019374

BID - 27656

BUGTRAQ - 20080213 [Reversemode Advisory] February Advisories : Microsoft Word 2003 + Fortinet Forticlient

SECUNIA - 28901

HP - SSRT080016

HP - HPSBST02314


Last Updated: 27 May 2016 10:47:27