Lucene search
SAINT CorporationSAINT:7BE99614B323723699A29842CFAF5AD1HistoryOct 24, 2008 - 12:00 a.m.
Microsoft Excel formula parsing integer overflow
2008-10-2400:00:00
SAINT Corporation
download.saintcorporation.com
6
0.911 High
EPSS
Percentile
98.9%
Added: 10/24/2008
CVE: CVE-2008-4019
BID: 31706
OSVDB: 49078
Background
Microsoft Excel, part of the Microsoft Office product suite, is a spreadsheet application for Windows and Macintosh platforms.
Problem
An integer overflow in the REPT function allows command execution when a user loads an Excel file containing a specially crafted formula within a cell.
Resolution
Install the patch referenced in Microsoft Security Bulletin 08-057.
References
<http://www.microsoft.com/technet/security/bulletin/MS08-057.mspx>
Limitations
Exploit works on Microsoft Excel 2003 SP3 and requires a user to open the exploit file.
There may be a delay before the connection is established after the user opens the file.
Platforms
Windows
Related
checkpoint_advisories
checkpoint_advisories
Microsoft Excel REPT Function Integer Overflow (MS08-057; CVE-2008-4019)
2010-10-24 00:00:00
saint
saint
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
Microsoft Excel formula parsing integer overflow
2008-10-24 00:00:00
prion
prion
Integer overflow
2008-10-15 00:12:00
cve
cve
CVE-2008-4019
2008-10-15 00:12:00
cvelist
cvelist
CVE-2008-4019
2008-10-15 00:00:00
zdi
zdi
seebug
seebug
Microsoft Excelε
¬εΌθ§£ζζ΄ζ°ζΊ’εΊζΌζ΄οΌMS08-057οΌ
2008-10-16 00:00:00
nessus
nessus
openvas
openvas
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
Microsoft Excel Remote Code Execution Vulnerability (956416)
2008-10-15 00:00:00
securityvulns
securityvulns