Lucene search
Copyright (C) 2008 Greenbone Networks GmbHOPENVAS:1361412562310900033HistoryAug 19, 2008 - 12:00 a.m.
Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
2008-08-1900:00:00
Copyright (C) 2008 Greenbone Networks GmbH
plugins.openvas.org
11
6.3 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.744 High
EPSS
Percentile
98.1%
This host is missing critical security update according to
Microsoft Bulletin MS08-051.
# Copyright (C) 2008 Greenbone Networks GmbH
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-or-later
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
# as published by the Free Software Foundation; either version 2
# of the License, or (at your option) any later version.
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.900033");
script_version("2022-05-11T11:17:52+0000");
script_tag(name:"last_modification", value:"2022-05-11 11:17:52 +0000 (Wed, 11 May 2022)");
script_tag(name:"creation_date", value:"2008-08-19 14:38:55 +0200 (Tue, 19 Aug 2008)");
script_cve_id("CVE-2008-0120", "CVE-2008-0121", "CVE-2008-1455");
script_copyright("Copyright (C) 2008 Greenbone Networks GmbH");
script_tag(name:"cvss_base", value:"9.3");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_category(ACT_GATHER_INFO);
script_family("Windows : Microsoft Bulletins");
script_name("Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)");
script_dependencies("smb_reg_service_pack.nasl", "secpod_office_products_version_900032.nasl", "secpod_ms_office_detection_900025.nasl");
script_mandatory_keys("MS/Office/Ver", "SMB/Office/PowerPnt/Version");
script_xref(name:"URL", value:"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-051");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/30552");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/30554");
script_xref(name:"URL", value:"http://www.securityfocus.com/bid/30579");
script_tag(name:"summary", value:"This host is missing critical security update according to
Microsoft Bulletin MS08-051.");
script_tag(name:"insight", value:"Multiple flaws exist due to:
- an integer overflow error when handling CString objects.
- a memory calculation error when processing malformed picture
indexes and list values.");
script_tag(name:"affected", value:"- Microsoft PowerPoint 2002/XP/2003/2007
- Microsoft PowerPoint Viewer 2003/2007");
script_tag(name:"solution", value:"The vendor has released updates. Please see the references for more information.");
script_tag(name:"impact", value:"Remote attackers could be able to corrupt memory locations via
a specially crafted PowerPoint files.");
script_tag(name:"qod_type", value:"registry");
script_tag(name:"solution_type", value:"VendorFix");
exit(0);
}
include("version_func.inc");
officeVer = get_kb_item("MS/Office/Ver");
if(officeVer && officeVer =~ "^(9|1[012])\.")
{
pptVer = get_kb_item("SMB/Office/PowerPnt/Version");
if(!pptVer || pptVer !~ "^(9|1[012])\."){
exit(0);
}
if(version_in_range(version:pptVer, test_version:"9.0", test_version2:"9.0.0.8968")){
security_message( port: 0, data: "The target host was found to be vulnerable" );
}
else if(version_in_range(version:pptVer, test_version:"10.0", test_version2:"10.0.6841")){
security_message( port: 0, data: "The target host was found to be vulnerable" );
}
else if(version_in_range(version:pptVer, test_version:"11.0", test_version2:"11.0.8226")){
security_message( port: 0, data: "The target host was found to be vulnerable" );
}
else if(version_in_range(version:pptVer, test_version:"12.0", test_version2:"12.0.6300.4999")){
security_message( port: 0, data: "The target host was found to be vulnerable" );
}
}
Related
securityvulns
securityvulns
openvas
openvas
nessus
nessus
checkpoint_advisories
checkpoint_advisories
cve
cve
prion
prion
Buffer overflow
2008-08-13 00:41:00
Memory corruption
2008-08-13 00:41:00
Integer overflow
2008-08-13 00:41:00
seebug
seebug
Microsoft PowerPoint Viewer 2003越界数组索引漏洞(MS08-051)
2008-08-14 00:00:00
Microsoft PowerPoint Viewer 2003 Cstring对象整数溢出漏洞(MS08-051)
2008-08-14 00:00:00
saint
saint
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
Microsoft PowerPoint Viewer picture index CString object integer overflow
2008-09-19 00:00:00
6.3 Medium
AI Score
Confidence
Low
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.744 High
EPSS
Percentile
98.1%
Related for OPENVAS:1361412562310900033