Test ID:	1.3.6.1.4.1.25623.1.0.900063
Category:	Windows : Microsoft Bulletins
Title:	Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
Summary:	This host is missing a critical security update according to; Microsoft Bulletin MS08-072.
Description:	Summary: This host is missing a critical security update according to Microsoft Bulletin MS08-072. Vulnerability Insight: Microsoft office is prone to multiple vulnerabilities. Please see the references for more information. Vulnerability Impact: Successful exploitation could execute arbitrary code on the remote system and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file. Affected Software/OS: Microsoft Office 2K/XP/2003/2007. Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2008-4024 Bugtraq: 20081210 CORE-2008-0228: Microsoft Word Malformed FIB Arbitrary Free Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499086/100/0/threaded Cert/CC Advisory: TA08-344A http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.coresecurity.com/content/word-arbitrary-free http://www.coresecurity.com/files/attachments/CORE-2008-0228-Word.pdf Microsoft Security Bulletin: MS08-072 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5934 http://www.securitytracker.com/id?1021370 http://www.vupen.com/english/advisories/2008/3384 Common Vulnerability Exposure (CVE) ID: CVE-2008-4025 Bugtraq: 20081209 Secunia Research: Microsoft Word RTF Polyline/Polygon Integer Overflow (Google Search) http://www.securityfocus.com/archive/1/499054/100/0/threaded http://secunia.com/secunia_research/2008-21/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5682 Common Vulnerability Exposure (CVE) ID: CVE-2008-4026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5807 Common Vulnerability Exposure (CVE) ID: CVE-2008-4027 Bugtraq: 20081209 ZDI-08-084: Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499062/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-084 http://www.zerodayinitiative.com/advisories/ZDI-08-084/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6098 Common Vulnerability Exposure (CVE) ID: CVE-2008-4028 Bugtraq: 20081209 ZDI-08-085: Microsoft Office RTF Drawing Object Heap Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499063/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-085 http://www.zerodayinitiative.com/advisories/ZDI-08-085/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6096 Common Vulnerability Exposure (CVE) ID: CVE-2008-4030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5737 Common Vulnerability Exposure (CVE) ID: CVE-2008-4031 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5952 Common Vulnerability Exposure (CVE) ID: CVE-2008-4837 Bugtraq: 20081209 ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability (Google Search) http://www.securityfocus.com/archive/1/499064/100/0/threaded http://www.zerodayinitiative.com/advisories/ZDI-08-086 http://www.zerodayinitiative.com/advisories/ZDI-08-086/ https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5982
Copyright	Copyright (C) 2008 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.