Lucene search

PRIOn knowledge basePRION:CVE-2008-1092

HistoryMar 25, 2008 - 4:44 p.m.

Buffer overflow

2008-03-2516:44:00

PRIOn knowledge base

www.prio-n.com

7.7 High

AI Score

Confidence

Low

0.842 High

EPSS

Percentile

98.5%

JSON

Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026.

CPENameOperatorVersion
wordeq2000 sp3
wordeq2002 sp3
wordeq2003 sp2
wordeq2003.0.0-sp3
wordeq2007
wordeq2007.0.0-sp1

Name	Operator	Version
word	eq	2000 sp3
word	eq	2002 sp3
word	eq	2003 sp2
word	eq	2003.0.0-sp3
word	eq	2007
word	eq	2007.0.0-sp1

References

www.kb.cert.org/vuls/id/936529

www.microsoft.com/technet/security/advisory/950627.mspx

www.securitytracker.com/id?1019686

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028

exchange.xforce.ibmcloud.com/vulnerabilities/41380

marc.info/?l=bugtraq&m=121129490723574&w=2