Vulnerabilities > Microsoft > Office Word > 2000

DATE CVE VULNERABILITY TITLE RISK
2008-12-10 CVE-2008-4025 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via (1) an RTF file or (2) a rich text e-mail message containing an invalid number of points for a polyline or polygon, which triggers a heap-based buffer overflow, aka "Word RTF Object Parsing Vulnerability."
network
microsoft CWE-119
critical
9.3
2008-12-10 CVE-2008-4024 Code Injection vulnerability in Microsoft products
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3