Stack-Based Buffer Overflow in Microsoft Office Products
CVE-2008-4837

Currently unrated

Key Information:

Vendor: Microsoft
Status: Open Xml File Format Converter; Office; Office Word Viewer; Office Compatibility Pack For Word Excel Ppt 2007
Vendor: CVE Published:; 10 December 2008

Summary

A stack-based buffer overflow in several versions of Microsoft Office products enables remote attackers to exploit crafted Word documents with malformed table properties. This security flaw can trigger memory corruption, leading to arbitrary code execution on the affected systems. Users should be cautious when handling Word documents from untrusted sources and ensure they have applied the latest security updates from Microsoft to mitigate the risks associated with this vulnerability.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.zerodayinitiative.com/advisories/ZDI-08-086/

x_refsource_MISC

http://www.zerodayinitiative.com/advisories/ZDI-08-086

x_refsource_MISC

EPSS Score

70% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Dec 10, 2008
Vulnerability Reserved
Oct 31, 2008