9.3
CVE-2007-0208
- EPSS 30.11%
- Veröffentlicht 13.02.2007 21:28:00
- Zuletzt bearbeitet 16.06.2026 22:35:07
- Quelle secure@microsoft.com
- CVE-Watchlists
- Unerledigt
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Microsoft ≫ Word Viewer Version2003
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 30.11% | 0.98 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
CWE-20 Improper Input Validation
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.
http://www.us-cert.gov/cas/techalerts/TA07-044A.html
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014
http://www.osvdb.org/34385
http://www.securityfocus.com/bid/22477
http://www.securitytracker.com/id?1017639
http://www.vupen.com/english/advisories/2007/0583
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700