Lucene search

SAINT CorporationSAINT:5A6BA9C0694F33378D3794624B98A5CF

HistoryApr 04, 2008 - 12:00 a.m.

Microsoft Office Drawing Shapes memory corruption vulnerability

2008-04-0400:00:00

SAINT Corporation

download.saintcorporation.com

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.956 High

EPSS

Percentile

99.2%

JSON

Added: 04/04/2008
CVE: CVE-2008-0118
BID: 28146
OSVDB: 42709

Background

Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations.

Problem

A memory corruption vulnerability allows command execution when a user opens a specially crafted Microsoft Office file.

Resolution

Apply the patch referenced in Microsoft Security Bulletin 08-016.

References

<http://www.microsoft.com/technet/security/bulletin/MS08-016.mspx>

Limitations

Exploit works on Microsoft PowerPoint 2002 SP3 with the patch KB934705.

Platforms

Windows

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.956 High

EPSS

Percentile

99.2%

JSON

Related for SAINT:5A6BA9C0694F33378D3794624B98A5CF