Lucene search

K
nvd[email protected]NVD:CVE-2008-2238
HistoryOct 30, 2008 - 8:00 p.m.

CVE-2008-2238

2008-10-3020:00:00
CWE-119
web.nvd.nist.gov

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.124 Low

EPSS

Percentile

95.4%

Multiple integer overflows in OpenOffice.org (OOo) 2.x before 2.4.2 allow remote attackers to execute arbitrary code via crafted EMR records in an EMF file associated with a StarOffice/StarSuite document, which trigger a heap-based buffer overflow.

Affected configurations

NVD
Node
openofficeopenoffice.org
OR
openofficeopenoffice.orgRange2.4.1
OR
openofficeopenoffice.orgMatch2.0
OR
openofficeopenoffice.orgMatch2.0.2
OR
openofficeopenoffice.orgMatch2.0.3
OR
openofficeopenoffice.orgMatch2.0.4
OR
openofficeopenoffice.orgMatch2.1
OR
openofficeopenoffice.orgMatch2.2
OR
openofficeopenoffice.orgMatch2.2.1
OR
openofficeopenoffice.orgMatch2.3
OR
openofficeopenoffice.orgMatch2.3.1
OR
openofficeopenoffice.orgMatch2.4
OR
openofficeopenoffice.orgMatch2.4.164-bit

References

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.4 High

AI Score

Confidence

Low

0.124 Low

EPSS

Percentile

95.4%