Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3004
HistoryAug 12, 2008 - 11:41 p.m.

CVE-2008-3004

2008-08-1223:41:00
CWE-20
[email protected]
web.nvd.nist.gov
40
microsoft
office
excel
sp3
excel viewer
mac
vulnerability
remote code execution
cve-2008-3004

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.961 High

EPSS

Percentile

99.5%

JSON

Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the β€œExcel Indexing Validation Vulnerability.”

Affected configurations

NVD
Node
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatchxpsp3
OR
microsoftoffice_excel_viewerMatch2003
Node
microsoftofficeMatch2004mac
OR
microsoftofficeMatch2008mac

Related

securityvulns 3
checkpoint_advisories 2
cvelist 1
nvd 1
seebug 1
prion 1
openvas 2
nessus 2
securityvulns
securityvulns
iDefense Security Advisory 08.12.08: Microsoft Excel Chart AxesSet Invalid Array Index Vulnerability
2008-08-13 00:00:00
Microsoft Security Bulletin MS08-043 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
2008-08-12 00:00:00
Microsoft Office / Word / Excel / Power Point multiple security vulnerabilities
2008-08-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Axisparent Record Index Handling Code Execution (MS08-043) - Ver2 (CVE-2008-3004)
2014-03-03 00:00:00
Microsoft Excel Axisparent Record Index Handling Code Execution (MS08-043; CVE-2008-3004)
2008-08-12 00:00:00
cvelist
cvelist
CVE-2008-3004
2008-08-12 23:00:00
nvd
nvd
CVE-2008-3004
2008-08-12 23:41:00
seebug
seebug
Microsoft Excelη΄’εΌ•ιͺŒθ―θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS08-043οΌ‰
2008-08-19 00:00:00
prion
prion
Input validation
2008-08-12 23:41:00
openvas
openvas
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
2008-08-19 00:00:00
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
2008-08-19 00:00:00
nessus
nessus
MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
2008-08-13 00:00:00
MS08-043 / MS08-051: Vulnerabilities in Microsoft Could Allow Remote Code Execution (954066 / 949785) (Mac OS X)
2010-10-20 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.961 High

EPSS

Percentile

99.5%

JSON
Related for CVE-2008-3004
securityvulns3checkpoint_advisories2cvelist1nvd1seebug1prion1openvas2nessus2