CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1202

Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability."

Exploit prediction scoring system (EPSS) score

EPSS Score 0.582

EPSS Ranking 98.0%

CVSS Severity

CVSS v2 Score 6.8

References

Products affected by CVE-2007-1202

Microsoft » Word » Version: 2000

cpe:2.3:a:microsoft:word:2000
Microsoft » Word » Version: 2002

cpe:2.3:a:microsoft:word:2002
Microsoft » Word » Version: 2003

cpe:2.3:a:microsoft:word:2003
Microsoft » Word » Version: 2004

cpe:2.3:a:microsoft:word:2004
Microsoft » Word Viewer » Version: 2003

cpe:2.3:a:microsoft:word_viewer:2003
Microsoft » Works » Version: 2004

cpe:2.3:a:microsoft:works:2004
Microsoft » Works » Version: 2005

cpe:2.3:a:microsoft:works:2005
Microsoft » Works » Version: 2006

cpe:2.3:a:microsoft:works:2006

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2007-1202

Products

Pricing

Contact Us