CVE-2008-7217 : Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not

Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to permissions and ownership for certain directories.

Published 2009-09-13 22:30:00

Updated 2009-09-14 04:00:00

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-7217

Probability of exploitation activity in the next 30 days: 0.07%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 29 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-7217

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
4.6	MEDIUM	AV:L/AC:L/Au:N/C:P/I:P/A:P	3.9	6.4	NIST
Access Vector: Local Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: Partial Availability Impact: Partial

CWE ids for CVE-2008-7217

CWE-264

Assigned by: nvd@nist.gov (Primary)

References for CVE-2008-7217

http://support.microsoft.com/default.aspx?scid=kb;EN-US;948488

Patch;Vendor Advisory

Products affected by CVE-2008-7217

Microsoft » Office » Version: 2008 MAC Edition
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2008-7217

Exploit prediction scoring system (EPSS) score for CVE-2008-7217

CVSS scores for CVE-2008-7217

CWE ids for CVE-2008-7217

References for CVE-2008-7217

Products affected by CVE-2008-7217