Vulnerability Details : CVE-2008-4030

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Parsing Vulnerability," a different vulnerability than CVE-2008-4028.

Vulnerability category: Memory CorruptionExecute code

Published 2008-12-10 14:00:01

Updated 2018-10-30 16:25:58

Source Microsoft Corporation

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-4030

Probability of exploitation activity in the next 30 days: 93.23%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 99 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-4030

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
9.3	HIGH	AV:N/AC:M/Au:N/C:C/I:C/A:C	8.6	10.0	[email protected]
Access Vector: Network Access Complexity: Medium Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-4030

CWE-399

Assigned by: [email protected] (Primary)

References for CVE-2008-4030

Products affected by CVE-2008-4030

Microsoft » Office » Version: 2004 MAC Edition
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:*
Matching versions
Microsoft » Office » Version: 2008 MAC Edition
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
Matching versions
Microsoft » Works » Version: 8.0
cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*
Matching versions
Microsoft » Office Compatibility Pack For Word Excel Ppt 2007 » Update SP1
cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:sp1:*:*:*:*:*:*
Matching versions
Microsoft » Office Compatibility Pack For Word Excel Ppt 2007
cpe:2.3:a:microsoft:office_compatibility_pack_for_word_excel_ppt_2007:*:*:*:*:*:*:*:*
Matching versions
Microsoft » Office Word » Version: 2002 Update SP3
cpe:2.3:a:microsoft:office_word:2002:sp3:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007
Microsoft » Office Word » Version: 2007
cpe:2.3:a:microsoft:office_word:2007:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007
Microsoft » Office Word » Version: 2003 Update SP3
cpe:2.3:a:microsoft:office_word:2003:sp3:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007
Microsoft » Office Word » Version: 2000 Update SP3
cpe:2.3:a:microsoft:office_word:2000:sp3:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007
Microsoft » Office Word Viewer » Version: 2003
cpe:2.3:a:microsoft:office_word_viewer:2003:*:*:*:*:*:*:*
Matching versions
Microsoft » Office Word Viewer » Version: 2003 Update SP3
cpe:2.3:a:microsoft:office_word_viewer:2003:sp3:*:*:*:*:*:*
Matching versions
Microsoft » Open Xml File Format Converter » MAC Edition
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*
Matching versions
Microsoft » Office Outlook » Version: 2007 Update SP1
cpe:2.3:a:microsoft:office_outlook:2007:sp1:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007
Microsoft » Office Outlook » Version: 2007
cpe:2.3:a:microsoft:office_outlook:2007:*:*:*:*:*:*:*
Matching versions
When used together with: Microsoft » Office » Version: 2000 Update SP3
When used together with: Microsoft » Office » Version: 2003 Update SP3
When used together with: Microsoft » Office » Version: XP Update SP3
When used together with: Microsoft » Office System » Update 2007
When used together with: Microsoft » Office System » Version: SP1 Update 2007