INFORMATION

Name : CVE-2008-4265 First Publication : 2008-12-10
Severity : High Last Modification : 2009-03-04

SCORING CVSS v2

Cvss Base Score : 9.3 Attack Range : Network
Cvss Impact Score : 10 Attack Complexity : Medium
Cvss Expoit Score : 8.6 Authentification : None Required

Calculate full CVSS 2.0 Vectors scores

DETAIL

Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability."http://www.microsoft.com/technet/security/Bulletin/MS08-074.mspx


File Format Parsing Vulnerability - CVE-2008-4265

A remote code execution vulnerability exists in Microsoft Office Excel as a result of memory corruption when loading Excel records. The vulnerability could allow remote code execution if a user opens a specially crafted Excel file that includes a malformed object. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.


MORE INFORMATIONS

If you login, you will see more informations about this alert including :

1 CWE ID(s)
2 Oval ID(s)
19 CPE ID(s)
8 Alerts who talk about the same subject
6 Secondary sources

Your browser must accept cookie for login.

Login : Password: Captcha :
Remember me ?
if you can not read it, please refresh the page

If you don't have a login, register for FREE.