Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2008 SecPodOPENVAS:900006
HistoryAug 19, 2008 - 12:00 a.m.

Microsoft Word Could Allow Remote Code Execution Vulnerability

2008-08-1900:00:00
Copyright (C) 2008 SecPod
plugins.openvas.org
8

0.832 High

EPSS

Percentile

98.1%

JSON

This host is installed with Microsoft Office (with MS Word), which
is prone to remote code execution vulnerability.

##############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_ms_word_code_exec_vuln_900006.nasl 6519 2017-07-04 14:08:14Z cfischer $
# Description: Microsoft Word Could Allow Remote Code Execution Vulnerability
#
# Authors:
# Chandan S <[email protected]>
#
# Copyright:
# Copyright (C) 2008 SecPod, http://www.secpod.com
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
##############################################################################

tag_impact = "Remote attacker could exploit by persuading victim to open a crafted
 documents to corrupt memory and cause the application to crash, and also allow
 to execute arbitrary code with the system privileges of the victim.
 Impact Level : System";

tag_solution = "Run Windows Update and update the listed hotfixes or download and
 update mentioned hotfixes in the advisory from the below link.
 http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx";

tag_affected = "Microsoft Word 2002 (XP) with SP3 on Windows (All).
 Microsoft Word 2003 with SP3 on Windows (All).";

tag_insight = "Flaw is due to an error within the handling of malformed/crafted MS Word documents.";


tag_summary = "This host is installed with Microsoft Office (with MS Word), which
 is prone to remote code execution vulnerability.";


if(description)
{
 script_id(900006);
 script_version("$Revision: 6519 $");
 script_tag(name:"last_modification", value:"$Date: 2017-07-04 16:08:14 +0200 (Tue, 04 Jul 2017) $");
 script_tag(name:"creation_date", value:"2008-08-19 14:38:55 +0200 (Tue, 19 Aug 2008)");
 script_bugtraq_id(30124);
 script_cve_id("CVE-2008-2244");
 script_copyright("Copyright (C) 2008 SecPod");
 script_tag(name:"cvss_base", value:"9.3");
 script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
 script_category(ACT_GATHER_INFO);
 script_family("Windows");
 script_name("Microsoft Word Could Allow Remote Code Execution Vulnerability");

 script_dependencies("secpod_reg_enum.nasl", "secpod_office_products_version_900032.nasl",
		     "secpod_ms_office_detection_900025.nasl");
 script_mandatory_keys("MS/Office/Ver", "SMB/Office/Word/Version");
 script_xref(name : "URL" , value : "http://secunia.com/advisories/30975");
 script_xref(name : "URL" , value : "http://xforce.iss.net/xforce/xfdb/43663");
 script_xref(name : "URL" , value : "http://www.frsirt.com/english/advisories/2008/2028");
 script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/advisory/953635.mspx");
 script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms08-042.mspx");
 script_tag(name : "summary" , value : tag_summary);
 script_tag(name : "insight" , value : tag_insight);
 script_tag(name : "affected" , value : tag_affected);
 script_tag(name : "solution" , value : tag_solution);
 script_tag(name : "impact" , value : tag_impact);
 script_tag(name:"qod_type", value:"registry");
 script_tag(name:"solution_type", value:"VendorFix");
 exit(0);
}


include("version_func.inc");

if(!get_kb_item("SMB/WindowsVersion")){
  exit(0);
}

if(egrep(pattern:"^(10|11)\..*", string:get_kb_item("MS/Office/Ver")))
{
  # Grep for version < (10.0.6846 - MS Word 2002 SP3 & 11.0.8227.0 - MS Word 2003 SP3)
  wordVer = get_kb_item("SMB/Office/Word/Version");
  if(!wordVer){
    exit(0);
  }

  if(version_in_range(version:wordVer, test_version:"10.0",
                      test_version2:"10.0.6845")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"11.0",
                           test_version2:"11.0.8226")){
    security_message(0);
  }
}

Related

checkpoint_advisories 2
securityvulns 2
nessus 1
prion 1
openvas 1
cvelist 1
cve 1
seebug 1
checkpoint_advisories
checkpoint_advisories
Microsoft Office Smart Tag WordCount Memory Corruption - Ver2 (CVE-2008-2244)
2014-03-03 00:00:00
Microsoft Word Crafted SmartTag Record Code Execution (MS08-042; CVE-2008-2244)
2008-07-13 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS08-042 – Important Vulnerability in Microsoft Word Could Allow Remote Code Execution &#40;955048&#41;
2008-08-12 00:00:00
Microsoft Office / Word / Excel / Power Point multiple security vulnerabilities
2008-08-13 00:00:00
nessus
nessus
MS08-042: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (955048)
2008-08-13 00:00:00
prion
prion
Design/Logic Flaw
2008-07-09 22:41:00
openvas
openvas
Microsoft Word Could Allow Remote Code Execution Vulnerability
2008-08-19 00:00:00
cvelist
cvelist
CVE-2008-2244
2008-07-09 22:00:00
cve
cve
CVE-2008-2244
2008-07-09 22:41:00
seebug
seebug
Microsoft Word智能标签无效长度处理内存破坏漏洞(MS08-042)
2008-08-15 00:00:00

0.832 High

EPSS

Percentile

98.1%

JSON
Related for OPENVAS:900006
checkpoint_advisories2securityvulns2nessus1prion1openvas1cvelist1cve1seebug1