Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a malformed string in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Parsing Vulnerability."
2008-12-10T14:00:00.893
2025-04-09T00:30:58.490
Deferred
CVSSv2: 9.3 (HIGH)
AV:N/AC:M/Au:N/C:C/I:C/A:C
8.6
10.0
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | office | 2004 | Yes |
| Application | microsoft | office | 2008 | Yes |
| Application | microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | Yes |
| Application | microsoft | office_compatibility_pack_for_word_excel_ppt_2007 | * | Yes |
| Application | microsoft | office_word_viewer | 2003 | Yes |
| Application | microsoft | office_word_viewer | 2003 | Yes |
| Application | microsoft | open_xml_file_format_converter | * | Yes |
| Application | microsoft | works | 8.0 | Yes |
| Application | microsoft | office_outlook | 2007 | Yes |
| Application | microsoft | office_outlook | 2007 | Yes |
| Application | microsoft | office_word | 2000 | Yes |
| Application | microsoft | office_word | 2002 | Yes |
| Application | microsoft | office_word | 2003 | Yes |
| Application | microsoft | office_word | 2007 | Yes |
| Application | microsoft | office | 2000 | No |
| Application | microsoft | office | 2003 | No |
| Application | microsoft | office | xp | No |
| Operating System | microsoft | office_system | * | No |
| Operating System | microsoft | office_system | sp1 | No |