CVE-2008-4837

Name of the Vulnerable Software and Affected Versions Microsoft Office Word versions 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1 Microsoft Word Viewer version 2003 Gold and SP3 Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions Gold and SP1 Microsoft Works version 8

Description A remote code execution issue exists in the way Microsoft Office Word handles specially crafted Word files, potentially allowing an attacker to execute arbitrary code via a crafted Word document containing a malformed table property or record value. This could enable an attacker to take control of an affected system, install programs, view, change, or delete data, or create new accounts with full user rights.

Recommendations For Microsoft Office Word versions 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Word Viewer version 2003 Gold and SP3, update to a newer version to mitigate the risk. For Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats versions Gold and SP1, update to a newer version to mitigate the risk. For Microsoft Works version 8, update to a newer version to mitigate the risk.