| Patch Name : |
office2003-SP3-KB953404-FullFile-ENU.exe |
| Patch Description : |
Security Update for Microsoft Office 2003 (KB953404) |
| Bulletin Id : |
MS08-055 |
| Bulletin Title : |
Vulnerability in Microsoft Office Could Allow Remote Code Execution (955047) |
| KnowledgeBase : | 953404 |
| Severity : |
Important |
| Location Path : | office2003-SP3-KB953404-FullFile-ENU.exe |
| Bulletin Summary: |
This security update resolves a privately reported vulnerability in Microsoft Office. The vulnerability could allow remote code execution if a user clicks a specially crafted OneNote URL. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. This security update addresses the vulnerability by modifying the way that Microsoft Office validates uniform resource locators. |
| Superceding Bulletin Id : |
None |
| Patch Release Date : |
Sep 9, 2008 |
| CVE Id : | CVE-2008-3007 |
| Affected Product Information |
|
| Product Name |
Service Pack Name |
| Office 2003 | Office 2003 SP2 |
|
| File changes |
|
| File Path |
Version |
| %commonfiles%\Microsoft Shared\Office11\Mso.dll | 11.0.8221.0 |
|
| Registry changes |
|
| Registry Path |
Key Name |
Key Value |
| No records found | | |
