CVE-2008-7217

Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to permissions and ownership for certain directories.

CVSS v2.0 4.6 MEDIUM

4.6^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:L/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 3.9 / Impact : 6.4

Access Vector LOCAL

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
http://osvdb.org/44959
http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B948488
http://osvdb.org/44959
http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B948488

Configurations

Configuration 1 (hide)

cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*

History

21 Nov 2024, 00:58

Type	Values Removed	Values Added
References	~~() http://osvdb.org/44959 -~~	() http://osvdb.org/44959 -
References	~~() http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B948488 -~~	() http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B948488 -

07 Nov 2023, 02:03

Type	Values Removed	Values Added
References	~~{'url': 'http://support.microsoft.com/default.aspx?scid=kb;EN-US;948488', 'name': '948488', 'tags': ['Patch', 'Vendor Advisory'], 'refsource': 'MSKB'}~~	() http://support.microsoft.com/default.aspx?scid=kb%3BEN-US%3B948488 -

Information

Published : 2009-09-13 22:30

Updated : 2024-11-21 00:58

NVD link : CVE-2008-7217

Mitre link : CVE-2008-7217

CVE.ORG link : CVE-2008-7217

JSON object : View

Products Affected

microsoft

office

CWE

CWE-264

Permissions, Privileges, and Access Controls

4.6 /10