Vulnerabilities > CVE-2008-2244 - Resource Management Errors vulnerability in Microsoft Office Word 2002
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
COMPLETE Integrity impact
COMPLETE Availability impact
COMPLETE Summary
Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 1 |
Common Weakness Enumeration (CWE)
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS08-042.NASL |
description | The remote host is running a version of Microsoft Word that is subject to a flaw that could allow arbitrary code to be run. An attacker may use this to execute arbitrary code on this host. To succeed, the attacker would have to send a rogue file to a user of the remote computer and have it open it. Then a bug in the word record parsing handler would result in code execution. |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 33871 |
published | 2008-08-13 |
reporter | This script is Copyright (C) 2008-2018 Tenable Network Security, Inc. |
source | https://www.tenable.com/plugins/nessus/33871 |
title | MS08-042: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (955048) |
code |
|
Oval
accepted | 2014-02-03T04:04:46.159-05:00 | ||||||||||||
class | vulnerability | ||||||||||||
contributors |
| ||||||||||||
definition_extensions |
| ||||||||||||
description | Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc. | ||||||||||||
family | windows | ||||||||||||
id | oval:org.mitre.oval:def:5897 | ||||||||||||
status | accepted | ||||||||||||
submitted | 2008-08-13T09:28:00 | ||||||||||||
title | Word Record Parsing Vulnerability | ||||||||||||
version | 6 |
Seebug
bulletinFamily | exploit |
description | BUGTRAQ ID: 30124 CVE(CAN) ID: CVE-2008-2244 Microsoft Word是微软Office办公软件套件中的文字处理工具。 Word没有正确地处理文档中的无效智能标签长度值,如果用户打开了带有畸形记录值的特制Word文件,就可能触发内存破坏。成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。 目前这个漏洞正在被名为Trojan.Mdropper的木马积极的利用。 Microsoft Word 2003 SP3 Microsoft Word 2003 SP2 Microsoft Word 2002 SP3 临时解决方法: * 使用Microsoft Office Word 2003 Viewer或Microsoft Office Word 2003 Viewer Service Pack 3打开和查看Microsoft Word文件。 * 不要打开或保存从不受信任来源或从受信任来源意外收到的Microsoft Office文件。 厂商补丁: Microsoft --------- Microsoft已经为此发布了一个安全公告(MS08-042)以及相应补丁: MS08-042:Vulnerability in Microsoft Word Could Allow Remote Code Execution (955048) 链接:<a href=http://www.microsoft.com/technet/security/bulletin/MS08-042.mspx?pf=true target=_blank>http://www.microsoft.com/technet/security/bulletin/MS08-042.mspx?pf=true</a> |
id | SSV:3852 |
last seen | 2017-11-19 |
modified | 2008-08-15 |
published | 2008-08-15 |
reporter | Root |
title | Microsoft Word智能标签无效长度处理内存破坏漏洞(MS08-042) |
References
- http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx
- http://isc.sans.org/diary.html?storyid=4696
- http://marc.info/?l=bugtraq&m=121915960406986&w=2
- http://secunia.com/advisories/30975
- http://www.microsoft.com/technet/security/advisory/953635.mspx
- http://www.securityfocus.com/bid/30124
- http://www.securitytracker.com/id?1020447
- http://www.us-cert.gov/cas/techalerts/TA08-225A.html
- http://www.vupen.com/english/advisories/2008/2028
- https://exchange.xforce.ibmcloud.com/vulnerabilities/43663
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5897