CVE-2008-0113

Sažetak

Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."

Reference

http://marc.info/?l=bugtraq&m=120585858807305&w=2
http://secunia.com/advisories/29321
http://www.securityfocus.com/archive/1/489415/100/0/threaded
http://www.securitytracker.com/id?1019578
http://www.us-cert.gov/cas/techalerts/TA08-071A.html
http://www.vupen.com/english/advisories/2008/0848/references
http://www.zerodayinitiative.com/advisories/ZDI-08-008
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5421

CVSS

Base:	9.3
Impact:	10.0
Exploitability:	8.6

Pristup

Vektor	Složenost	Autentikacija
NETWORK	MEDIUM	NONE

Impact

Povjerljivost	Cjelovitost	Dostupnost
COMPLETE	COMPLETE	COMPLETE

CVSS vektor

AV:N/AC:M/Au:N/C:C/I:C/A:C

Zadnje važnije ažuriranje

15-10-2018 - 21:57

Objavljeno

11-03-2008 - 23:44