Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
saintSAINT CorporationSAINT:6F4112B996C559772BEE2D92B4C021BB
HistoryOct 24, 2008 - 12:00 a.m.

Microsoft Excel formula parsing integer overflow

2008-10-2400:00:00
SAINT Corporation
download.saintcorporation.com
13

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.946 High

EPSS

Percentile

99.0%

JSON

Added: 10/24/2008
CVE: CVE-2008-4019
BID: 31706
OSVDB: 49078

Background

Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.

Problem

An integer overflow in the REPT function allows command execution when a user loads an Excel file containing a specially crafted formula within a cell.

Resolution

Install the patch referenced in Microsoft Security Bulletin 08-057.

References

<http://www.microsoft.com/technet/security/bulletin/MS08-057.mspx&gt;

Limitations

Exploit works on Microsoft Excel 2003 SP3 and requires a user to open the exploit file.

There may be a delay before the connection is established after the user opens the file.

Platforms

Windows

Related

checkpoint_advisories 2
saint 3
prion 1
cve 1
seebug 1
zdi 1
nessus 2
openvas 2
securityvulns 2
checkpoint_advisories
checkpoint_advisories
Microsoft Excel REPT Function Integer Overflow (MS08-057; CVE-2008-4019)
2010-10-24 00:00:00
Microsoft Excel REPT Function Integer Overflow (MS08-057) - Ver2 (CVE-2008-4019)
2014-04-16 00:00:00
saint
saint
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
prion
prion
Integer overflow
2008-10-15 00:12:00
cve
cve
CVE-2008-4019
2008-10-15 00:12:00
seebug
seebug
Microsoft Excelε…¬εΌθ§£ζžζ•΄ζ•°ζΊ’ε‡ΊζΌζ΄žοΌˆMS08-057οΌ‰
2008-10-16 00:00:00
zdi
zdi
Microsoft Office Excel REPT Formula Parsing Remote Code Execution Vulnerability
2008-10-14 00:00:00
nessus
nessus
MS08-057: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (956416) (Mac OS X)
2010-10-20 00:00:00
MS08-057: Microsoft Excel Multiple Method Remote Code Execution (956416)
2008-10-15 00:00:00
openvas
openvas
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
securityvulns
securityvulns
Microsoft Security Bulletin MS08-057 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution &#40;956416&#41;
2008-10-14 00:00:00
Microsoft Office multiple security vulnerabilities
2008-10-15 00:00:00

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.946 High

EPSS

Percentile

99.0%

JSON
Related for SAINT:6F4112B996C559772BEE2D92B4C021BB
checkpoint_advisories2saint3prion1cve1seebug1zdi1nessus2openvas2securityvulns2