Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-4264
HistoryDec 10, 2008 - 2:00 p.m.

CVE-2008-4264

2008-12-1014:00:01
CWE-399
[email protected]
web.nvd.nist.gov
44
microsoft
office
excel
remote code execution
vulnerability
spreadsheet

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers β€œpointer corruption” during the loading of formulas from this spreadsheet, aka β€œFile Format Parsing Vulnerability.”

Affected configurations

NVD
Node
microsoftoffice_excelMatch2000sp3
OR
microsoftoffice_excelMatch2002sp3
OR
microsoftoffice_excelMatch2003sp3
OR
microsoftoffice_excelMatch2007
OR
microsoftoffice_excelMatch2007sp1
AND
microsoft20007_office_system
OR
microsoft20007_office_systemMatchsp1
OR
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatchxpsp3
Node
microsoftofficeMatch2004mac
OR
microsoftofficeMatch2008mac
OR
microsoftoffice_compatibility_pack_for_word_excel_ppt_2007
OR
microsoftoffice_compatibility_pack_for_word_excel_ppt_2007sp1
OR
microsoftoffice_excel_viewer
OR
microsoftoffice_excel_viewerMatch2003
OR
microsoftoffice_excel_viewerMatch2003sp3
OR
microsoftopen_xml_file_format_convertermac

Related

checkpoint_advisories 2
prion 1
nvd 1
cvelist 1
openvas 2
seebug 1
nessus 2
securityvulns 2
checkpoint_advisories
checkpoint_advisories
Microsoft Excel File OBJ Record Memory Corruption (MS08-074; CVE-2008-4264)
2008-12-09 00:00:00
Microsoft Excel File OBJ Record Memory Corruption (MS08-074) - Ver2 (CVE-2008-4264)
2014-03-03 00:00:00
prion
prion
Format string
2008-12-10 14:00:00
nvd
nvd
CVE-2008-4264
2008-12-10 14:00:01
cvelist
cvelist
CVE-2008-4264
2008-12-10 13:33:00
openvas
openvas
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
2008-12-10 00:00:00
Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
2008-12-10 00:00:00
seebug
seebug
Microsoft Excelη•Έε½’ε―Ήθ±‘θ§£ζžθΏœη¨‹δ»£η ζ‰§θ‘ŒζΌζ΄žοΌˆMS08-074οΌ‰
2008-12-11 00:00:00
nessus
nessus
MS08-074: Microsoft Excel Multiple Method Remote Code Execution (959070)
2008-12-10 00:00:00
MS08-072 / MS08-074: Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (957173 / 959070) (Mac OS X)
2010-10-20 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS08-074 - Critical Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)
2008-12-10 00:00:00
Microsoft Office multiple security vulnerabilities
2008-12-11 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.944 High

EPSS

Percentile

99.2%

JSON
Related for CVE-2008-4264
checkpoint_advisories2prion1nvd1cvelist1openvas2seebug1nessus2securityvulns2