Vulnerability Description
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office | 2000 |
| Microsoft | Word | 2000 |
| Microsoft | Word Viewer | 2003 |
| Microsoft | Works | 2004 |
Related Weaknesses (CWE)
References
- http://www.osvdb.org/34385
- http://www.securityfocus.com/bid/22477
- http://www.securitytracker.com/id?1017639
- http://www.us-cert.gov/cas/techalerts/TA07-044A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/0583Vendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://www.osvdb.org/34385
- http://www.securityfocus.com/bid/22477
- http://www.securitytracker.com/id?1017639
- http://www.us-cert.gov/cas/techalerts/TA07-044A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2007/0583Vendor Advisory
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-01
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
FAQ
What is CVE-2007-0208?
CVE-2007-0208 is a vulnerability with a CVSS score of 9.3 (HIGH). Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro co...
How severe is CVE-2007-0208?
CVE-2007-0208 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2007-0208?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office, Microsoft Word, Microsoft Word Viewer, Microsoft Works.