CVE-2007-1202
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability."
Word (o Word Viewer) en Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 para Mac y Works Suite 2004, 2005 y 2006 no analiza apropiadamente ciertas "property strings of certain control words”, de texto enriquecido, lo que permite que los atacantes remotos asistidos por el usuario desencadenen corrupción de pila y ejecutar código arbitrario, también se conoce como la "Word RTF Parsing Vulnerability".
CVSS Scores
SSVC
- Decision:-
Timeline
- 2007-03-02 CVE Reserved
- 2007-05-08 CVE Published
- 2024-05-26 EPSS Updated
- 2024-08-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
CAPEC
References (10)
| URL | Tag | Source |
|---|---|---|
| http://www.kb.cert.org/vuls/id/555489 | Third Party Advisory |
|
| http://www.osvdb.org/34388 | Vdb Entry | |
| http://www.us-cert.gov/cas/techalerts/TA07-128A.html | Third Party Advisory | |
| https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1900 | Signature |
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=525 | 2018-10-16 | |
| http://www.securityfocus.com/bid/23836 | 2018-10-16 | |
| http://www.securitytracker.com/id?1018013 | 2018-10-16 |
| URL | Date | SRC |
|---|---|---|
| http://www.securityfocus.com/archive/1/468871/100/200/threaded | 2018-10-16 | |
| http://www.vupen.com/english/advisories/2007/1709 | 2018-10-16 | |
| https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024 | 2018-10-16 |
Affected Vendors, Products, and Versions
| Vendor | Product | Version | Other | Status | ||||||
|---|---|---|---|---|---|---|---|---|---|---|
| Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2000 Search vendor "Microsoft" for product "Word" and version "2000" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2002 Search vendor "Microsoft" for product "Word" and version "2002" | sp3 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2003 Search vendor "Microsoft" for product "Word" and version "2003" | sp2 |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Search vendor "Microsoft" for product "Word" | 2004 Search vendor "Microsoft" for product "Word" and version "2004" | mac |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Word Viewer Search vendor "Microsoft" for product "Word Viewer" | 2003 Search vendor "Microsoft" for product "Word Viewer" and version "2003" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Works Search vendor "Microsoft" for product "Works" | 2004 Search vendor "Microsoft" for product "Works" and version "2004" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Works Search vendor "Microsoft" for product "Works" | 2005 Search vendor "Microsoft" for product "Works" and version "2005" | - |
Affected
| ||||||
| Microsoft Search vendor "Microsoft" | Works Search vendor "Microsoft" for product "Works" | 2006 Search vendor "Microsoft" for product "Works" and version "2006" | - |
Affected
| ||||||