CVE-2008-0109
First published: Tue Feb 12 2008(Updated: )
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Office | =xp-sp3 | |
| Microsoft Word | ||
| Microsoft Office | =2003-sp2 | |
| Microsoft Office | =2003 | |
| Microsoft Office | =2000-sp3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.us-cert.gov/cas/techalerts/TA08-043C.html
- http://www.kb.cert.org/vuls/id/692417
- http://www.securityfocus.com/bid/27656
- http://www.securitytracker.com/id?1019374
- http://secunia.com/advisories/28901
- http://marc.info/?l=bugtraq&m=120361015026386&w=2
- http://www.vupen.com/english/advisories/2008/0511/references
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5073
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-009
- http://www.securityfocus.com/archive/1/488071/100/0/threaded
- collector/nvd-historical
- collector/nvd-index
- agent/severity
- agent/references
- agent/weakness
- agent/type
- agent/event
- agent/author
- agent/description
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- agent/tags
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft office
- version/microsoft office/xp-sp3
- canonical/microsoft word
- version/microsoft office/2003-sp2
- version/microsoft office/2003
- version/microsoft office/2000-sp3