PRIOn knowledge basePRION:CVE-2008-1090

HistoryApr 08, 2008 - 11:05 p.m.

Input validation

2008-04-0823:05:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.595 Medium

EPSS

Percentile

97.7%

JSON

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka “Visio Memory Validation Vulnerability.”

CPENameOperatorVersion
officeeq2007.0.0-sp1
officeeq2003 sp2
officeeqxp sp2
officeeq2007
officeeq2003 sp3
visioeq2003 sp1
visioeq2003.0.0-sp3
visioeq2002 sp2
visioeq2007.0.0-sp1
visioeq2007

Name	Operator	Version
office	eq	2007.0.0-sp1
office	eq	2003 sp2
office	eq	xp sp2
office	eq	2007
office	eq	2003 sp3
visio	eq	2003 sp1
visio	eq	2003.0.0-sp3
visio	eq	2002 sp2
visio	eq	2007.0.0-sp1
visio	eq	2007

References

secunia.com/advisories/29691

www.securityfocus.com/bid/28556

www.securitytracker.com/id?1019804

www.us-cert.gov/cas/techalerts/TA08-099A.html

www.vupen.com/english/advisories/2008/1143/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-019

exchange.xforce.ibmcloud.com/vulnerabilities/41452

marc.info/?l=bugtraq&m=120845064910729&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5344

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.595 Medium

EPSS

Percentile

97.7%

JSON

Related for PRION:CVE-2008-1090