CVE Vulnerability

CVE-2008-0113

Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."

9.3 /10

CVSS v2.0 :

V3 Legend

Vector :

Exploitability : 8.6 / Impact : 10

Attack Vector

Attack Complexity

Privileges Required

User Interaction

Confidentiality Impact COMPLETE

Integrity Impact COMPLETE

Availability Impact COMPLETE

Scope

References
Link Resource
http://www.us-cert.gov/cas/techalerts/TA08-071A.html US Government Resource
http://secunia.com/advisories/29321 Vendor Advisory
http://www.securitytracker.com/id?1019578
http://www.zerodayinitiative.com/advisories/ZDI-08-008
http://marc.info/?l=bugtraq&m=120585858807305&w=2
http://www.vupen.com/english/advisories/2008/0848/references Vendor Advisory
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5421
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016
http://www.securityfocus.com/archive/1/489415/100/0/threaded
Configurations

Configuration 1

cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*
Information

Published : 2008-03-11 11:44

Updated : 2018-10-15 09:57

NVD link : CVE-2008-0113

Mitre link : CVE-2008-0113

Products Affected
No products.
CWE
CWE-94

NVD-CWE-noinfo