ID CVE-2008-0113
Summary Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 15-10-2018 - 21:57)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2011-11-21T04:13:11.425-05:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Pradeep R B
    organization SecPod Technologies
definition_extensions
  • comment Microsoft Excel Viewer 2003 is installed
    oval oval:org.mitre.oval:def:439
  • comment Microsoft Word Viewer is installed
    oval oval:org.mitre.oval:def:737
description Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."
family windows
id oval:org.mitre.oval:def:5421
status accepted
submitted 2008-03-11T14:47:00
title Microsoft Office Cell Parsing Memory Corruption Vulnerability
version 9
refmap via4
bugtraq 20080311 ZDI-08-008: Microsoft Excel BIFF File Format Cell Record Parsing Memory Corruption Vulnerability
cert TA08-071A
hp
  • HPSBST02320
  • SSRT080028
misc http://www.zerodayinitiative.com/advisories/ZDI-08-008
ms MS08-016
sectrack 1019578
secunia 29321
vupen ADV-2008-0848
Last major update 15-10-2018 - 21:57
Published 11-03-2008 - 23:44
Back to Top