Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)

Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173

Reporter	Title	Published	Views	Family All 62
Core Security	Microsoft Word Malformed FIB Arbitrary Free Vulnerability	10 Dec 200800:00	–	coresecurity
Check Point Advisories	Microsoft Word PlfLfo Structure Memory Corruption (MS08-072; CVE-2008-4024)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word RTF Stylesheet Control Word Memory Corruption (MS08-072; CVE-2008-4031)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word Crafted Sprm Structure Stack Memory Corruption (MS08-072; CVE-2008-4837)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word RTF Object Parsing Memory Corruption (MS08-072; CVE-2008-4030)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word RTF Control Word Handling Integer Overflow (MS08-072; CVE-2008-4025)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word RTF Drawing Primitives Remote Code Execution (MS08-072; CVE-2008-4028)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word Global Array Index Heap Overflow (MS08-072; CVE-2008-4026)	9 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word RTF Object Parsing Remote Code Execution (MS08-072; CVE-2008-4027)	17 Dec 200800:00	–	checkpoint_advisories
Check Point Advisories	Microsoft Word PlfLfo Structure Memory Corruption (MS08-072) - Ver2 (CVE-2008-4024)	3 Mar 201400:00	–	checkpoint_advisories

Source	Link
microsoft	www.microsoft.com/technet/security/bulletin/ms08-072.mspx

###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_ms08-072.nasl 6538 2017-07-05 11:38:27Z cfischer $
#
# Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
#
# Authors:
# Chandan S <[email protected]>
#
# Make use of version_func_inc - By Chandan S, 11:48:13 2009/04/24
#
# Copyright: SecPod
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation could execute arbitrary code on the remote system
  and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file.
  Impact Level: System";
tag_affected = "Microsoft Office 2K/XP/2003/2007";
tag_insight = "Microsoft office is prone to multiple vulnerabilities. For more information
  refer, http://secunia.com/advisories/30285/";
tag_solution = "Run Windows Update and update the listed hotfixes or download and
  update mentioned hotfixes in the advisory from the below link.
  http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx";
tag_summary = "This host is missing a critical security update according to
  Microsoft Bulletin MS08-072.";


if(description)
{
  script_id(900063);
  script_version("$Revision: 6538 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-05 13:38:27 +0200 (Wed, 05 Jul 2017) $");
  script_tag(name:"creation_date", value:"2008-12-10 17:58:14 +0100 (Wed, 10 Dec 2008)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-2008-4024", "CVE-2008-4025", "CVE-2008-4026",
                "CVE-2008-4027", "CVE-2008-4028", "CVE-2008-4030",
                "CVE-2008-4031", "CVE-2008-4837");
  script_bugtraq_id(32579, 32580, 32581, 32583, 32584, 32585, 32594, 32642);
  script_name("Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)");
  script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2008 SecPod");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("secpod_office_products_version_900032.nasl", "secpod_ms_office_detection_900025.nasl");
  script_mandatory_keys("MS/Office/Ver", "SMB/Office/Word/Version");

  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

if(egrep(pattern:"^(9|10|11|12)\..*", string:get_kb_item("MS/Office/Ver")))
{
  wordVer = get_kb_item("SMB/Office/Word/Version");
  if(!wordVer){
    exit(0);
  }

  if(version_in_range(version:wordVer, test_version:"9.0",
                      test_version2:"9.0.0.8973")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"10.0",
                           test_version2:"10.0.6849")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"11.0",
                           test_version2:"11.0.8236")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"12.0",
                           test_version2:"12.0.6331.4999")){
    security_message(0);
  }
}

05 Jul 2017 00:00Current

0.8Low risk

Vulners AI Score0.8

EPSS0.66218