CVE-2008-3020

Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."...

CVE-2008-3021

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bitsperpixel field, aka the "PICT Filter Parsing Vulnerability," a...

Design/Logic Flaw

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bitsperpixel field, aka the "PICT Filter Parsing Vulnerability," a...

CVE-2008-3019

CVE-2008-3019 describes a remote code execution vulnerability in Microsoft Office filters related to malformed Encapsulated PostScript (EPS) handling. A crafted EPS file could allow code execution when opened with affected Office products: Office 2000 SP3, XP SP3, and 2003 SP2, plus the Office Co...

CVE-2008-3020

CVE-2008-3020 is a remote code execution vulnerability in Microsoft Office filters, specifically in the BMPIMP32.FLT module used by Office BMP import handling. A crafted BMP image with a malformed header (e.g., an excessive number of colors) causes a heap buffer overflow/memory corruption in BMP ...

Security Update for Microsoft Works 8 (KB973636)

A security vulnerability exists in Microsoft Works 8 that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...