Vulnerabilities > CVE-2008-0109 - Resource Management Errors vulnerability in Microsoft Office and Word

047910
CVSS 0.0 - NONE
Attack vector
UNKNOWN
Attack complexity
UNKNOWN
Privileges required
UNKNOWN
Confidentiality impact
UNKNOWN
Integrity impact
UNKNOWN
Availability impact
UNKNOWN

Summary

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.

Vulnerable Configurations

Part Description Count
Application
Microsoft
5

Common Weakness Enumeration (CWE)

Nessus

NASL familyWindows : Microsoft Bulletins
NASL idSMB_NT_MS08-009.NASL
descriptionThe remote host is running a version of Microsoft Word that is subject to a flaw that could allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it. Then a bug in the font parsing handler would result in code execution.
last seen2020-06-01
modified2020-06-02
plugin id31043
published2008-02-12
reporterThis script is Copyright (C) 2008-2018 Tenable Network Security, Inc.
sourcehttps://www.tenable.com/plugins/nessus/31043
titleMS08-009: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (947077)

Oval

accepted2013-02-18T04:00:21.390-05:00
classvulnerability
contributors
  • nameSudhir Gandhe
    organizationSecure Elements, Inc.
  • nameRobert L. Hollis
    organizationThreatGuard, Inc.
  • namePradeep R B
    organizationSecPod Technologies
  • nameShane Shaffer
    organizationG2, Inc.
  • nameSergey Artykhov
    organizationALTX-SOFT
definition_extensions
  • commentMicrosoft Word 2000 is installed
    ovaloval:org.mitre.oval:def:455
  • commentMicrosoft Word 2002 is installed
    ovaloval:org.mitre.oval:def:973
  • commentMicrosoft Word 2003 is installed
    ovaloval:org.mitre.oval:def:475
  • commentMicrosoft Word Viewer is installed
    ovaloval:org.mitre.oval:def:737
descriptionWord in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.
familywindows
idoval:org.mitre.oval:def:5073
statusaccepted
submitted2008-02-12T17:49:09
titleWord Memory Corruption Vulnerability
version10

Seebug

bulletinFamilyexploit
descriptionBUGTRAQ ID: 27656 CVE(CAN) ID: CVE-2008-0109 Word是微软Office办公软件套件中的文字处理工具。 Word在解析文件信息块(FIB)中的某些字段时存在内存破坏漏洞,如果用户受骗打开了特制的DOC文档的话,就可能触发这个漏洞,导致执行任意指令。 Microsoft Word 2003 SP2 Microsoft Word 2002 SP3 Microsoft Word 2000 SP3 临时解决方法: * 在打开未知或不可信任来源的文件时,使用Microsoft Office隔离转换环境(MOICE)。 * 使用Microsoft Office文件阻断策略以防止打开未知或不可信任来源的Office 2003及更早版本的文档。可使用以下注册表脚本为Office 2003设置文件阻断策略: Windows Registry Editor Version 5.00 [HKEY_CURRENT_USER\Software\Microsoft\Office\11.0\Word\Security\FileOpenBlock] &quot;BinaryFiles&quot;=dword:00000001 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS08-009)以及相应补丁: MS08-009:Vulnerability in Microsoft Word Could Allow Remote Code Execution (947077) 链接:<a href=http://www.microsoft.com/technet/security/Bulletin/MS08-009.mspx?pf=true target=_blank>http://www.microsoft.com/technet/security/Bulletin/MS08-009.mspx?pf=true</a>
idSSV:2898
last seen2017-11-19
modified2008-02-20
published2008-02-20
reporterRoot
titleMicrosoft Word文件信息块内存破坏漏洞(MS08-009)