|
|
CVE Reference: CVE-2008-4024 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-4024 |
|
|
Description: Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability." |
|
|
CVE Status: Candidate |
|
|
References: ST 1021370 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:5934 MS http://www.microsoft.com/technet/security/Bulletin/MS08-072.mspx MISC http://www.coresecurity.com/content/word-arbitrary-free http://www.coresecurity.com/files/attachments/CORE-2008-0228-Word.pdf CERT http://www.us-cert.gov/cas/techalerts/TA08-344A.html BUGTRAQ http://www.securityfocus.com/archive/1/archive/1/499086/100/0/threaded |
|
| Return to the previous page. |
