CVE-2008-4025

Name of the Vulnerable Software and Affected Versions Microsoft Office Word versions 2000 SP3 through 2007 SP1 Microsoft Office Outlook version 2007 Gold and SP1 Microsoft Office Word Viewer version 2003 Gold and SP3 Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions Gold and SP1 Microsoft Office for Mac versions 2004 and 2008 Microsoft Open XML File Format Converter for Mac (affected versions not specified)

Description The issue is related to an integer overflow in Microsoft Office when handling Rich Text Format (RTF) files, which can trigger a heap-based buffer overflow. This allows remote attackers to execute arbitrary code via an RTF file or a rich text e-mail message containing an invalid number of points for a polyline or polygon. If a user opens a specially crafted RTF file in Word or reads a specially crafted e-mail sent in the RTF format, an attacker could take control of an affected system in the context of the currently logged-on user, potentially installing programs, viewing, changing, or deleting data, or creating new accounts with full user rights.

Recommendations For Microsoft Office Word versions 2000 SP3 through 2007 SP1, update to a version that is not affected by this issue. For Microsoft Office Outlook version 2007 Gold and SP1, avoid reading specially crafted e-mail sent in the RTF format until a patch is available. For Microsoft Office Word Viewer version 2003 Gold and SP3, consider disabling the ability to open RTF files until a fix is provided. For Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions Gold and SP1, restrict the use of RTF files until an update is available. For Microsoft Office for Mac versions 2004 and 2008, and Microsoft Open XML File Format Converter for Mac, at the moment, there is no information about a newer version that contains a fix for this vulnerability.