Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability."
2008-12-10T14:00:00.783
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | office | 2004 | Yes |
| Application | microsoft | office | 2008 | Yes |
| Application | microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | Yes |
| Application | microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | Yes |
| Application | microsoft | office_word_viewer | 2003 | Yes |
| Application | microsoft | office_word_viewer | 2003 | Yes |
| Application | microsoft | open_xml_file_format_converter | * | Yes |
| Application | microsoft | works | 8.0 | Yes |
| Application | microsoft | office_outlook | 2007 | Yes |
| Application | microsoft | office_outlook | 2007 | Yes |
| Application | microsoft | office_word | 2000 | Yes |
| Application | microsoft | office_word | 2002 | Yes |
| Application | microsoft | office_word | 2003 | Yes |
| Application | microsoft | office_word | 2007 | Yes |
| Application | microsoft | office | 2000 | No |
| Application | microsoft | office | 2003 | No |
| Application | microsoft | office | xp | No |
| Operating System | microsoft | office_system | * | No |
| Operating System | microsoft | office_system | sp1 | No |