CVE-2008-4024
published 2008-12-10CVE-2008-4024: Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted…
critical9.3CVSS 3.1
AVNACMAuNCCICAC
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability."
Affected
9 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office_outlook | — | — |
| microsoft | office_word | — | — |
| microsoft | office_word | — | — |
| microsoft | office_word | — | — |
| microsoft | office_word | — | — |
| microsoft | office_word_viewer | — | — |
| microsoft | works | — | — |