7.5

CVE-2003-0820

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftWord Version97
MicrosoftWord Version97 Langja
MicrosoftWord Version97 Langko
MicrosoftWord Version97 Langzh
MicrosoftWord Version97 Updatesr1
MicrosoftWord Version97 Updatesr2
MicrosoftWord Version98
MicrosoftWord Version98 Langja
MicrosoftWord Version98 Langko
MicrosoftWord Version98 Langzh
MicrosoftWord Version98 Updatesr1 Langja
MicrosoftWord Version98 Updatesr2 Langja
MicrosoftWord Version2000
MicrosoftWord Version2000 Langja
MicrosoftWord Version2000 Langko
MicrosoftWord Version2000 Langzh
MicrosoftWord Version2000 Updatesp2
MicrosoftWord Version2000 Updatesp3
MicrosoftWord Version2000 Updatesr1
MicrosoftWord Version2000 Updatesr1a
MicrosoftWord Version2002
MicrosoftWord Version2002 Updatesp1
MicrosoftWord Version2002 Updatesp2
MicrosoftWorks Version2001
MicrosoftWorks Version2002
MicrosoftWorks Version2003
MicrosoftWorks Version2004
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 17.47% 0.948
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 10 6.4
AV:N/AC:L/Au:N/C:P/I:P/A:P
http://www.securityfocus.com/bid/8835
Patch
Third Party Advisory
Vendor Advisory
VDB Entry