Executive Summary
Summary | |
---|---|
Title | Microsoft Office fails to properly handle specially crafted Rich Text Format files |
Informations | |||
---|---|---|---|
Name | VU#543907 | First vendor Publication | 2008-05-13 |
Vendor | VU-CERT | Last vendor Modification | 2008-05-13 |
Severity (Vendor) | N/A | Revision | M |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Vulnerability Note VU#543907Microsoft Office fails to properly handle specially crafted Rich Text Format filesOverviewA vulnerability in the way Microsoft Office handles Rich Text Format files may lead to execution of arbitrary code.I. DescriptionMicrosoft Office contains a vulnerability that could be exploited when parsing malformed strings contained in specially crafted Rich Text Format (.rtf) files. According to Microsoft Security Bulletin ms08-026:The vulnerability could allow remote code execution if a user opens a specially crafted .rtf file with malformed strings in Word or previews a specially crafted .rtf file with malformed strings in rich text e-mail. II. ImpactA remote, unauthenticated attacker may be able to execute arbitrary code with the privileges of the affected user or cause a denial-of-service condition.III. SolutionUpdateMicrosoft has released an update to address this issue. See Microsoft Security Bulletin ms08-026 for more details.
References
This vulnerability was reported in Microsoft Security Bulletin ms08-026. Microsoft credits wushi of team509, working with Zero Day Initiative, for reporting this issue. This document was written by Chris Taschner.
|
Original Source
Url : http://www.kb.cert.org/vuls/id/543907 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5494 | |||
Oval ID: | oval:org.mitre.oval:def:5494 | ||
Title: | Object Parsing Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-1091 | Version: | 13 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Word Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
45031 | Microsoft Office RTF File Handling Object Parsing Arbitrary Code Execution A memory corruption flaw exists in Office. Word and Outlook fail to validate strings contained in RTF files resulting in memory corruption. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2016-04-14 | Microsoft Office Word RTF parsing memory corruption attempt RuleID : 38237 - Revision : 1 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Word RTF parsing memory corruption attempt RuleID : 17743 - Revision : 19 - Type : FILE-OFFICE |
2014-01-10 | RTF control word overflow attempt RuleID : 13803 - Revision : 15 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms08-026.nasl - Type : ACT_GATHER_INFO |
2008-05-13 | Name : Arbitrary code can be executed on the remote host through Microsoft Word. File : smb_nt_ms08-026.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2015-04-15 13:28:38 |
|
2013-05-11 00:57:11 |
|