Memory Corruption Vulnerability in Microsoft Office Products
CVE-2008-4024

Currently unrated

Key Information:

Vendor

Microsoft
Status
Open Xml File Format Converter
Office
Office Word Viewer
Office Compatibility Pack For Word Excel Ppt 2007
Vendor
CVE Published:
10 December 2008

What is CVE-2008-4024?

Microsoft Office Word versions 2000 SP3, 2002 SP3, and Office 2004 for Mac are susceptible to a memory corruption vulnerability. This flaw allows remote attackers to execute arbitrary code by delivering a specially crafted Word document. The exploit takes advantage of an improper initialization step in the File Information Block (FIB), specifically targeting the lcbPlcfBkfSdt field. When processed, it can trigger an arbitrary free condition, enabling unauthorized code execution and potentially compromising system security.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

References

https://docs.microsoft.com/en-us/security-updates/securit...
vendor-advisoryx_refsource_MS
http://www.securityfocus.com/archive/1/499086/100/0/threaded
mailing-listx_refsource_BUGTRAQ
https://oval.cisecurity.org/repository/search/definition/...
vdb-entrysignaturex_refsource_OVAL

EPSS Score

57% chance of being exploited in the next 30 days.

Timeline

  • Vulnerability published

  • Vulnerability Reserved

JSON
.