CVE-2008-1091

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Office Compatibility Pack For Word Excel Ppt 2007; Word Viewer
Vendor: CVE Published:; 13 May 2008

Summary

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability."

References

http://www.securityfocus.com/archive/1/492020/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.securityfocus.com/bid/29104

vdb-entryx_refsource_BID

EPSS Score

87% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
May 13, 2008
Vulnerability Reserved
Feb 28, 2008

Collectors

NVD DatabaseMitre Database