Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
openvasCopyright (C) 2008 SecPodOPENVAS:900063
HistoryDec 10, 2008 - 12:00 a.m.

Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)

2008-12-1000:00:00
Copyright (C) 2008 SecPod
plugins.openvas.org
16

0.907 High

EPSS

Percentile

98.8%

JSON

This host is missing a critical security update according to
Microsoft Bulletin MS08-072.

###############################################################################
# OpenVAS Vulnerability Test
# $Id: secpod_ms08-072.nasl 6538 2017-07-05 11:38:27Z cfischer $
#
# Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
#
# Authors:
# Chandan S <[email protected]>
#
# Make use of version_func_inc - By Chandan S, 11:48:13 2009/04/24
#
# Copyright: SecPod
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2
# (or any later version), as published by the Free Software Foundation.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################

tag_impact = "Successful exploitation could execute arbitrary code on the remote system
  and corrupt memory via a specially crafted Excel Spreadsheet (XLS) file.
  Impact Level: System";
tag_affected = "Microsoft Office 2K/XP/2003/2007";
tag_insight = "Microsoft office is prone to multiple vulnerabilities. For more information
  refer, http://secunia.com/advisories/30285/";
tag_solution = "Run Windows Update and update the listed hotfixes or download and
  update mentioned hotfixes in the advisory from the below link.
  http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx";
tag_summary = "This host is missing a critical security update according to
  Microsoft Bulletin MS08-072.";


if(description)
{
  script_id(900063);
  script_version("$Revision: 6538 $");
  script_tag(name:"last_modification", value:"$Date: 2017-07-05 13:38:27 +0200 (Wed, 05 Jul 2017) $");
  script_tag(name:"creation_date", value:"2008-12-10 17:58:14 +0100 (Wed, 10 Dec 2008)");
  script_tag(name:"cvss_base", value:"9.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
  script_cve_id("CVE-2008-4024", "CVE-2008-4025", "CVE-2008-4026",
                "CVE-2008-4027", "CVE-2008-4028", "CVE-2008-4030",
                "CVE-2008-4031", "CVE-2008-4837");
  script_bugtraq_id(32579, 32580, 32581, 32583, 32584, 32585, 32594, 32642);
  script_name("Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)");
  script_xref(name : "URL" , value : "http://www.microsoft.com/technet/security/bulletin/ms08-072.mspx");

  script_category(ACT_GATHER_INFO);
  script_copyright("Copyright (C) 2008 SecPod");
  script_family("Windows : Microsoft Bulletins");
  script_dependencies("secpod_office_products_version_900032.nasl", "secpod_ms_office_detection_900025.nasl");
  script_mandatory_keys("MS/Office/Ver", "SMB/Office/Word/Version");

  script_tag(name : "impact" , value : tag_impact);
  script_tag(name : "affected" , value : tag_affected);
  script_tag(name : "insight" , value : tag_insight);
  script_tag(name : "solution" , value : tag_solution);
  script_tag(name : "summary" , value : tag_summary);
  script_tag(name:"qod_type", value:"registry");
  script_tag(name:"solution_type", value:"VendorFix");
  exit(0);
}

include("version_func.inc");

if(egrep(pattern:"^(9|10|11|12)\..*", string:get_kb_item("MS/Office/Ver")))
{
  wordVer = get_kb_item("SMB/Office/Word/Version");
  if(!wordVer){
    exit(0);
  }

  if(version_in_range(version:wordVer, test_version:"9.0",
                      test_version2:"9.0.0.8973")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"10.0",
                           test_version2:"10.0.6849")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"11.0",
                           test_version2:"11.0.8236")){
    security_message(0);
  }
  else if(version_in_range(version:wordVer, test_version:"12.0",
                           test_version2:"12.0.6331.4999")){
    security_message(0);
  }
}

Related

securityvulns 7
openvas 1
nessus 2
cve 8
nvd 8
prion 8
cvelist 8
zdi 3
checkpoint_advisories 16
coresecurity 1
securityvulns
securityvulns
Microsoft Security Bulletin MS08-072 - Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution &#40;957173&#41;
2008-12-10 00:00:00
Microsoft Office multiple security vulnerabilities
2008-12-11 00:00:00
ZDI-08-086: Microsoft Office Word Document Table Property Stack Overflow Vulnerability
2008-12-10 00:00:00
openvas
openvas
Vulnerabilities in Microsoft Office Word Could Allow Remote Code Execution (957173)
2008-12-10 00:00:00
nessus
nessus
MS08-072: Vulnerabilities in Microsoft Word Could Allow Remote Code Execution (957173)
2008-12-10 00:00:00
MS08-072 / MS08-074: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (957173 / 959070) (Mac OS X)
2010-10-20 00:00:00
cve
cve
CVE-2008-4028
2008-12-10 14:00:00
CVE-2008-4030
2008-12-10 14:00:00
CVE-2008-4837
2008-12-10 14:00:01
nvd
nvd
CVE-2008-4028
2008-12-10 14:00:00
CVE-2008-4030
2008-12-10 14:00:00
CVE-2008-4837
2008-12-10 14:00:01
prion
prion
Memory corruption
2008-12-10 14:00:00
Heap overflow
2008-12-10 14:00:00
Stack overflow
2008-12-10 14:00:00
cvelist
cvelist
CVE-2008-4028
2008-12-10 13:33:00
CVE-2008-4030
2008-12-10 13:33:00
CVE-2008-4837
2008-12-10 13:33:00
zdi
zdi
Microsoft Office Word Document Table Property Stack Overflow Vulnerability
2008-12-09 00:00:00
Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
2008-12-09 00:00:00
Microsoft Office RTF Drawing Object Heap Overflow Vulnerability
2008-12-09 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Word Crafted Sprm Structure Stack Memory Corruption (MS08-072; CVE-2008-4837)
2008-12-09 00:00:00
Microsoft Word Crafted Sprm Structure Stack Memory Corruption - Ver2 (CVE-2008-4837)
2014-03-31 00:00:00
Microsoft Word RTF Stylesheet Control Word Memory Corruption - Ver2 (CVE-2008-4031)
2014-03-31 00:00:00
coresecurity
coresecurity
Microsoft Word Arbitrary Free Vulnerability
2008-12-10 00:00:00

0.907 High

EPSS

Percentile

98.8%

JSON
Related for OPENVAS:900063
securityvulns7openvas1nessus2cve8nvd8prion8cvelist8zdi3checkpoint_advisories16coresecurity1