ID CVE-2008-4254
Summary Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:office_frontpage:2002:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_frontpage:2002:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2003:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:project:2003:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2007:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:project:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2007:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:project:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*
CVSS
Base: 8.5 (as of 12-10-2018 - 21:48)
Impact:
Exploitability:
CWE CWE-189
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
assigner via4 cve@mitre.org
cvss-vector via4 AV:N/AC:M/Au:S/C:C/I:C/A:C
oval via4
accepted 2012-11-12T04:00:34.005-05:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Pradeep R B
    organization SecPod Technologies
  • name Pradeep R B
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Visual FoxPro is installed
    oval oval:org.mitre.oval:def:14198
  • comment Microsoft Visual Basic 6.0 is installed
    oval oval:org.mitre.oval:def:15369
description Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."
family windows
id oval:org.mitre.oval:def:5805
status accepted
submitted 2008-12-09T13:31:00
title Hierarchical FlexGrid Control Memory Corruption Vulnerability
version 67
refmap via4
bugtraq 20081209 Secunia Research: Microsoft Hierarchical FlexGrid Control Integer Overflows
cert TA08-344A
confirm http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm
misc http://secunia.com/secunia_research/2007-72/
ms MS08-070
sectrack 1021369
vupen ADV-2008-3382
vulnerable_product via4
  • cpe:2.3:a:microsoft:office_frontpage:2002:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2003:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:project:2007:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_basic:6.0:*:runtime_extended_files:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:8.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_foxpro:9.0:sp2:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2002:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:visual_studio_.net:2003:sp1:*:*:*:*:*:*
Last major update 12-10-2018 - 21:48
Published 10-12-2008 - 14:00
Back to Top