PRIOn knowledge basePRION:CVE-2008-3477Integer overflow
7.9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.895 High
EPSS
Percentile
98.7%
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka βCalendar Object Validation Vulnerability.β
| CPE | Name | Operator | Version |
|---|---|---|---|
| internet_explorer | eq | 5.1 sp4 | |
| internet_explorer | eq | 6 | |
| internet_explorer | eq | 6 sp1 | |
| internet_explorer | eq | 7 |
References
labs.idefense.com/intelligence/vulnerabilities/display.php?id=746
secunia.com/advisories/32211
www.securityfocus.com/bid/31702
www.securitytracker.com/id?1021044
www.us-cert.gov/cas/techalerts/TA08-288A.html
www.vupen.com/english/advisories/2008/2808
docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-057
exchange.xforce.ibmcloud.com/vulnerabilities/45566
exchange.xforce.ibmcloud.com/vulnerabilities/45581
marc.info/?l=bugtraq&m=122479227205998&w=2
oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5870
Related
7.9 High
AI Score
Confidence
High
9.3 High
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
0.895 High
EPSS
Percentile
98.7%