CVE-2008-4024

NONECVSS 0.0

0.0

Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability."

🔗 References (16)

secure@microsofthttp://www.coresecurity.com/content/word-arbitrary-free
secure@microsofthttp://www.coresecurity.com/files/attachments/CORE-2008-0228-Word.pdf
secure@microsofthttp://www.securityfocus.com/archive/1/499086/100/0/threaded
secure@microsofthttp://www.securitytracker.com/id?1021370
secure@microsofthttp://www.us-cert.gov/cas/techalerts/TA08-344A.html
secure@microsofthttp://www.vupen.com/english/advisories/2008/3384
secure@microsofthttps://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-072
secure@microsofthttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5934
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/content/word-arbitrary-free
af854a3a-2127-422b-91ae-364da2661108http://www.coresecurity.com/files/attachments/CORE-2008-0228-Word.pdf
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/499086/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id?1021370
af854a3a-2127-422b-91ae-364da2661108http://www.us-cert.gov/cas/techalerts/TA08-344A.html
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2008/3384
af854a3a-2127-422b-91ae-364da2661108https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-072

Is Your Infrastructure Affected by CVE-2008-4024?

EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.

Start Free Scan →Browse All CVEs

CVE-2008-4024

📅 Published

🔄 Last Modified

🔗 References (16)

Dependency Blast Radius

Is Your Infrastructure Affected by CVE-2008-4024?