CVE-2008-7217

medium Microsoft
CVSS v3 Base Score
4.6
AV:L/AC:L/Au:N/C:P/I:P/A:P
EPSS Score
0.3%
Exploitation probability in 30 days
Top 51% most likely to be exploited
Attack Characteristics
Attack Vector
Local
Attack Complexity
Low
Confidentiality
P
Integrity
P
Availability
P
Published: September 13, 2009 (6086 days ago)
Last Modified: April 23, 2026
Vendor: Microsoft
Source: NVD

Description

Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to permissions and ownership for certain directories.

CWE

CWE-264

Affected Products

microsoft office

References

🔗 osvdb.org 🔗 support.microsoft.com 🔗 osvdb.org 🔗 support.microsoft.com