2003

CVSS 7.1 - HIGH

Attack vector

NETWORK

Attack complexity

MEDIUM

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

COMPLETE

network

microsoft

CWE-399

exploit available

NVD

Published: 2008-06-18

Updated: 2017-08-08

Summary

Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are obtained from third party information.

Vulnerable Configurations

Part	Description	Count
Application	Microsoft Microsoft Word 2000 Microsoft Word 2003	9

Common Weakness Enumeration (CWE)

CWE-399 - Resource Management Errors

Exploit-Db

description	Microsoft Word 2000/2002 Bulleted List Handling Remote Memory Corruption Vulnerability. CVE-2008-2752. Dos exploit for windows platform
id	EDB-ID:31934
last seen	2016-02-03
modified	2008-06-17
published	2008-06-17
reporter	Ivan Sanchez
source	https://www.exploit-db.com/download/31934/
title	Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption Vulnerability

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Exploit-Db

References