Lucene search

PRIOn knowledge basePRION:CVE-2008-3460

HistoryAug 12, 2008 - 11:41 p.m.

Design/Logic Flaw

2008-08-1223:41:00

PRIOn knowledge base

www.prio-n.com

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.791 High

EPSS

Percentile

98.2%

JSON

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the “WPG Image File Heap Corruption Vulnerability.”

CPENameOperatorVersion
officeeqxp sp3
officeeq2003 sp2
officeeq2000 sp3
workseq8.0

Name	Operator	Version
office	eq	xp sp3
office	eq	2003 sp2
office	eq	2000 sp3
works	eq	8.0

References

labs.idefense.com/intelligence/vulnerabilities/display.php?id=737

secunia.com/advisories/31336

www.securityfocus.com/bid/30600

www.securitytracker.com/id?1020673

www.us-cert.gov/cas/techalerts/TA08-225A.html

www.vupen.com/english/advisories/2008/2348

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-044

marc.info/?l=bugtraq&m=121915960406986&w=2

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6019

7.9 High

AI Score

Confidence

Low

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.791 High

EPSS

Percentile

98.2%

JSON

Related for PRION:CVE-2008-3460