Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3477
HistoryOct 15, 2008 - 12:12 a.m.

CVE-2008-3477

2008-10-1500:12:00
CWE-399
[email protected]
web.nvd.nist.gov
27
cve-2008-3477
microsoft excel
vba
performance cache
office document
embedded object
remote code execution
heap-based buffer overflows
integer overflows
array index errors
memory corruption
calendar object validation vulnerability
nvd

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.874 High

EPSS

Percentile

98.6%

JSON

Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka β€œCalendar Object Validation Vulnerability.”

Related

seebug 1
securityvulns 3
prion 1
checkpoint_advisories 2
openvas 2
nessus 1
seebug
seebug
Microsoft Excelζ—₯εŽ†ε―Ήθ±‘ιͺŒθ―θΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS08-057οΌ‰
2008-10-16 00:00:00
securityvulns
securityvulns
[Full-disclosure] iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities
2008-10-15 00:00:00
Microsoft Security Bulletin MS08-057 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416)
2008-10-14 00:00:00
Microsoft Office multiple security vulnerabilities
2008-10-15 00:00:00
prion
prion
Integer overflow
2008-10-15 00:12:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel VisualBasic Object Validation Code Execution (MS08-057; CVE-2008-3477)
2008-10-14 00:00:00
Microsoft Excel Embedded Object Validation Integer Overflow - Ver2 (CVE-2008-3477)
2014-03-03 00:00:00
openvas
openvas
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
nessus
nessus
MS08-057: Microsoft Excel Multiple Method Remote Code Execution (956416)
2008-10-15 00:00:00

7.5 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.874 High

EPSS

Percentile

98.6%

JSON
Related for CVE-2008-3477
seebug1securityvulns3prion1checkpoint_advisories2openvas2nessus1