CVE-2007-0208: Input Validation
First published: Tue Feb 13 2007(Updated: )
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Works Suite | =2006 | |
| Microsoft Office | =2004 | |
| Microsoft Office Word | =2000 | |
| Microsoft Office | =xp-sp3 | |
| Microsoft Office | =2003-sp2 | |
| Microsoft Office Word | =2003 | |
| Microsoft Works Suite | =2005 | |
| Microsoft Office Word | =2002 | |
| Microsoft Office Word Viewer | =2003 | |
| Microsoft Works Suite | =2004 | |
| Microsoft Office | =2000-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.securityfocus.com/bid/22477
- http://www.securitytracker.com/id?1017639
- http://www.us-cert.gov/cas/techalerts/TA07-044A.html
- http://www.osvdb.org/34385
- http://www.vupen.com/english/advisories/2007/0583
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
Frequently Asked Questions
What is the severity of CVE-2007-0208?
CVE-2007-0208 has a critical severity level due to its potential to allow attackers to execute arbitrary code.
How do I fix CVE-2007-0208?
To fix CVE-2007-0208, users should apply the latest security updates from Microsoft for their affected Office and Works software.
Which versions of Microsoft Office are affected by CVE-2007-0208?
CVE-2007-0208 affects Microsoft Office 2000 SP3, XP SP3, and 2003 SP2, among others.
Can CVE-2007-0208 be exploited remotely?
Yes, CVE-2007-0208 can be exploited through user-assisted remote attacks that leverage malicious macro content.
What software products are impacted by CVE-2007-0208?
CVE-2007-0208 impacts various Microsoft products including Word 2000, 2002, and Works Suite 2004 to 2006.
- agent/type
- collector/mitre-cve
- source/MITRE
- agent/references
- agent/last-modified-date
- agent/weakness
- agent/severity
- agent/author
- agent/description
- agent/first-publish-date
- agent/event
- agent/source
- agent/softwarecombine
- agent/tags
- collector/nvd-historical
- agent/software-canonical-lookup-request
- collector/nvd-index
- vendor/microsoft
- canonical/microsoft works suite
- version/microsoft works suite/2006
- canonical/microsoft office
- version/microsoft office/2004
- canonical/microsoft office word
- version/microsoft office word/2000
- version/microsoft office/xp-sp3
- version/microsoft office/2003-sp2
- version/microsoft office word/2003
- version/microsoft works suite/2005
- version/microsoft office word/2002
- canonical/microsoft office word viewer
- version/microsoft office word viewer/2003
- version/microsoft works suite/2004
- version/microsoft office/2000-sp3