9.3
CVE-2008-4027
- EPSS 65.86%
- Published 10.12.2008 14:00:00
- Last modified 09.04.2025 00:30:58
- Source secure@microsoft.com
- Teams watchlist Login
- Open Login
Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted (1) RTF file or (2) rich text e-mail message with multiple consecutive Drawing Object ("\do") tags, which triggers a "memory calculation error" and memory corruption, aka "Word RTF Object Parsing Vulnerability."Data is provided by the National Vulnerability Database (NVD)
Microsoft ≫ Office Word Viewer Version2003
Microsoft ≫ Office Word Viewer Version2003 Updatesp3
Microsoft ≫ Open Xml File Format Converter Editionmac
Microsoft ≫ Office Outlook Version2007
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Outlook Version2007 Updatesp1
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Word Version2000 Updatesp3
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Word Version2002 Updatesp3
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Word Version2003 Updatesp3
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Word Version2007
Microsoft ≫ Office Version2000 Updatesp3
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Microsoft ≫ Office Version2003 Updatesp3
Microsoft ≫ Office Versionxp Updatesp3
Microsoft ≫ Office System Update2007
Microsoft ≫ Office System Versionsp1 Update2007
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 65.86% | 0.984 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 9.3 | 8.6 | 10 |
AV:N/AC:M/Au:N/C:C/I:C/A:C
|