ID CVE-2008-3477
Summary Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka "Calendar Object Validation Vulnerability."
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:5.01:sp4:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:6:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp1:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2003:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:gold:professional_x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp2:professional_x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:6:sp1:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:internet_explorer:7:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:itanium:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:x32:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:*:*:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:gold:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:gold:x64:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_vista:*:sp1:x64:*:*:*:*:*
CVSS
Base: 9.3 (as of 26-02-2019 - 14:04)
Impact:
Exploitability:
CWE CWE-399
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
oval via4
accepted 2014-06-30T04:11:08.492-04:00
class vulnerability
contributors
  • name Sudhir Gandhe
    organization Secure Elements, Inc.
  • name Shane Shaffer
    organization G2, Inc.
  • name Josh Turpin
    organization Symantec Corporation
  • name Maria Mikhno
    organization ALTX-SOFT
definition_extensions
  • comment Microsoft Excel 2000 is installed
    oval oval:org.mitre.oval:def:758
  • comment Microsoft Excel 2002 is installed
    oval oval:org.mitre.oval:def:473
  • comment Microsoft Excel 2003 is installed
    oval oval:org.mitre.oval:def:764
description Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to heap-based buffer overflows, integer overflows, array index errors, and memory corruption, aka "Calendar Object Validation Vulnerability."
family windows
id oval:org.mitre.oval:def:5870
status accepted
submitted 2008-10-14T13:33:00
title Calendar Object Validation Vulnerability
version 13
refmap via4
bid 31702
cert TA08-288A
hp
  • HPSBST02379
  • SSRT080143
idefense 20081014 Microsoft Visual Basic for Applications - Multiple Vulnerabilities
ms MS08-057
sectrack 1021044
secunia 32211
vupen ADV-2008-2808
xf
  • excel-calendar-code-execution(45566)
  • win-ms08kb956416-update(45581)
Last major update 26-02-2019 - 14:04
Published 15-10-2008 - 00:12
Back to Top