Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-2244

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-2244
Last Modified 07 Mar 2011 10:08:53
Published 09 Jul 2008 06:41:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-2244

Summary

Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.

Vulnerable Systems

Application

  • Microsoft Office Word 2002


References

CERT - TA08-225A

XF - microsoft-word-unspecified-code-execution(43663)

VUPEN - ADV-2008-2028

SECTRACK - 1020447

BID - 30124

CONFIRM - http://www.microsoft.com/technet/security/advisory/953635.mspx

SECUNIA - 30975

HP - HPSBST02360

MISC - http://isc.sans.org/diary.html?storyid=4696

CONFIRM - http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx

HP - SSRT080117


Last Updated: 27 May 2016 10:49:54