Vulnerability Details CVE-2007-0208
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.576
EPSS Ranking 98.0%
CVSS Severity
CVSS v2 Score 9.3
References
- http://www.osvdb.org/34385
- http://www.securityfocus.com/bid/22477
- http://www.securitytracker.com/id?1017639
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2007/0583
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700
- http://www.osvdb.org/34385
- http://www.securityfocus.com/bid/22477
- http://www.securitytracker.com/id?1017639
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.vupen.com/english/advisories/2007/0583
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700
Products affected by CVE-2007-0208
-
cpe:2.3:a:microsoft:office:2000
-
cpe:2.3:a:microsoft:office:2003
-
cpe:2.3:a:microsoft:office:2004
-
cpe:2.3:a:microsoft:office:xp
-
cpe:2.3:a:microsoft:word:2000
-
cpe:2.3:a:microsoft:word:2002
-
cpe:2.3:a:microsoft:word:2003
-
cpe:2.3:a:microsoft:word_viewer:2003
-
cpe:2.3:a:microsoft:works:2004
-
cpe:2.3:a:microsoft:works:2005
-
cpe:2.3:a:microsoft:works:2006