Vulnerability Details CVE-2008-2244
Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.642
EPSS Ranking 98.3%
CVSS Severity
CVSS v2 Score 9.3
References
- http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx
- http://isc.sans.org/diary.html?storyid=4696
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://secunia.com/advisories/30975
- http://www.microsoft.com/technet/security/advisory/953635.mspx
- http://www.securityfocus.com/bid/30124
- http://www.securitytracker.com/id?1020447
- http://www.us-cert.gov/cas/techalerts/TA08-225A.html
- http://www.vupen.com/english/advisories/2008/2028
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43663
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5897
- http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx
- http://isc.sans.org/diary.html?storyid=4696
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://secunia.com/advisories/30975
- http://www.microsoft.com/technet/security/advisory/953635.mspx
- http://www.securityfocus.com/bid/30124
- http://www.securitytracker.com/id?1020447
- http://www.us-cert.gov/cas/techalerts/TA08-225A.html
- http://www.vupen.com/english/advisories/2008/2028
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43663
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5897
Products affected by CVE-2008-2244
-
cpe:2.3:a:microsoft:office_word:2002