CVE-2008-7217 — Microsoft Office vulnerability
Severity
4.6MEDIUMNVD
EPSS
0.3%
top 51.39%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedSep 13
Latest updateMay 17
Description
Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to permissions and ownership for certain directories.
CVSS vector
AV:L/AC:L/C:P/I:P/A:PExploitability: 3.9 | Impact: 6.4
Affected Packages1 packages
🔴Vulnerability Details
1GHSA▶
GHSA-h222-rpwc-wpc8: Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for↗2022-05-17