PT-2007-5126 · Microsoft · Office For Mac+1

Liu Kun-Hao

Published

2007-10-09

Updated

2018-10-30

CVE-2007-3899

CVSS v2.0

9.3

High

Vector

AV:N/AC:M/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions: Microsoft Word versions 2000 SP3, 2002 SP3 Microsoft Office for Mac version 2004

Description: A remote code execution issue exists in the way that Word handles specially crafted Word files. This could allow remote code execution if a user opens a specially crafted Word file with a malformed string. Users with fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Recommendations: For Microsoft Word 2000 SP3, update to a version that is not affected by this issue. For Microsoft Word 2002 SP3, update to a version that is not affected by this issue. For Microsoft Office for Mac 2004, update to a version that is not affected by this issue.

Fix

RCE

Code Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-94

Related Identifiers

CVE-2007-3899

Affected Products

Office For Mac

Office Word

PT-2007-5126 · Microsoft · Office For Mac+1

CVE-2007-3899

Weakness Enumeration

Related Identifiers

Affected Products

References · 12