Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2008-0113

Overview

Vulnerability Score 9.3 9.3
CVE Id CVE-2008-0113
Last Modified 12 Apr 2011 12:00:00
Published 11 Mar 2008 07:44:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2008-0113

Summary

Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."

Vulnerable Systems

Application

  • Microsoft Excel Viewer 2003


References

CERT - TA08-071A

MS - MS08-016

MISC - http://www.zerodayinitiative.com/advisories/ZDI-08-008

VUPEN - ADV-2008-0848

SECTRACK - 1019578

BUGTRAQ - 20080311 ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability

SECUNIA - 29321

HP - HPSBST02320

HP - SSRT080028


Last Updated: 27 May 2016 10:47:27