9.3 - MS08-074

Executive Summary

Summary
Title	Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070)

Informations
Name	MS08-074	First vendor Publication	2008-12-09
Vendor	Microsoft	Last vendor Modification	2009-01-28
Severity (Vendor)	Critical	Revision	2.0

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score	NA
Base Score	NA	Environmental Score	NA
impact SubScore	NA	Temporal Score	NA
Exploitabality Sub Score	NA

Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C)
Cvss Base Score	9.3	Attack Range	Network
Cvss Impact Score	10	Attack Complexity	Medium
Cvss Expoit Score	8.6	Authentication	None Required
Calculate full CVSS 2.0 Vectors scores

Detail

Revision Note: V2.0 (January 28, 2009): Added a footnote to the Affected Software table and two entries to the section, Frequently Asked Questions (FAQ) Related to this Security Update, pertaining to security updates KB958437 and KB958439 for supported versions of Microsoft Office Excel 2007. There were no changes to the security update binaries or detection. Customers with Microsoft Office Excel 2007 or Microsoft Office Excel 2007 Service Pack 1 who have already successfully installed KB958437 and KB958439 do not need to reinstall.Summary: This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.

Original Source

Url : http://www.microsoft.com/technet/security/bulletin/MS08-074.mspx

CWE : Common Weakness Enumeration

%	Id	Name
100 %	CWE-399	Resource Management Errors

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:5556

Oval ID:	oval:org.mitre.oval:def:5556
Title:	File Format Parsing Vulnerability
Description:	Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Parsing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-4264	Version:	10
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer 2003 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack
Definition Synopsis:
Check for Vulnerable Excel 2000 and Excel.exe version Microsoft Excel 2000 is installed AND Excel.exe version is less than 9.0.0.8974 OR Check for Vulnerable Excel 2002 and Excel.exe version Microsoft Excel 2002 is installed AND Excel.exe version is less than 10.0.6850.0 OR Check for Vulnerable Excel 2003 and Excel.exe version Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8237.0 OR Check for Vulnerable Excel 2007 and Excel.exe version Microsoft Excel 2007 is installed AND Excel.exe version is less than 12.0.6331.5000 OR Check for Vulnerable Excel 2003 and Excel.exe version Microsoft Excel Viewer 2003 is installed AND Xlview.exe version is less than 11.0.8237.0 OR Check for Vulnerable Office Compatibility Pack and Excelcnv.exe version Microsoft Office Compatibility Pack is installed AND Excelcnv.exe version is less than 12.0.6331.5000 OR Check for Vulnerable Excel viewer 2007 and Xlview.exe version Microsoft Excel Viewer 2007 is installed AND Check if version of Xlview.exe is less than 12.0.6331.5000

Definition Id: oval:org.mitre.oval:def:5614

Oval ID:	oval:org.mitre.oval:def:5614
Title:	File Format Parsing Vulnerability
Description:	Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-4265	Version:	5
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Excel 2000
Definition Synopsis:
Microsoft Excel 2000 is installed AND Excel.exe version is less than 9.0.0.8974

Definition Id: oval:org.mitre.oval:def:5808

Oval ID:	oval:org.mitre.oval:def:5808
Title:	Excel Global Array Memory Corruption Vulnerability
Description:	Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an invalid index value, which triggers stack corruption, aka "Excel Global Array Memory Corruption Vulnerability."
Family:	windows	Class:	vulnerability
Reference(s):	CVE-2008-4266	Version:	6
Platform(s):	Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008	Product(s):	Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Office Excel Viewer 2003
Definition Synopsis:
IF Microsoft Excel 2000 is installed AND Excel.exe version is less than 9.0.0.8974 OR Microsoft Excel 2002 is installed AND Excel.exe version is less than 10.0.6850.0 OR Microsoft Excel 2003 is installed AND Excel.exe version is less than 11.0.8237.0 OR Microsoft Excel Viewer 2003 is installed AND Xlview.exe version is less than 11.0.8237.0

CPE : Common Platform Enumeration

Type	Description	Count
Application	Microsoft Excel cpe:2.3:a:microsoft:excel:2003:sp3:::::: cpe:2.3:a:microsoft:excel:2002:sp3:::::: cpe:2.3:a:microsoft:excel:2000:sp3::::::	3
Application	Microsoft Excel Viewer cpe:2.3:a:microsoft:excel_viewer:2003:::::::* cpe:2.3:a:microsoft:excel_viewer:2003:sp3::::::	2
Application	Microsoft Office cpe:2.3:a:microsoft:office:2008::mac::::: cpe:2.3:a:microsoft:office:2004::mac:::::	2
Application	Microsoft Office Excel cpe:2.3:a:microsoft:office_excel:2003:sp3:::::: cpe:2.3:a:microsoft:office_excel:2002:sp3:::::: cpe:2.3:a:microsoft:office_excel:2000:sp3::::::	3
Application	Microsoft Open Xml File Format Converter cpe:2.3:a:microsoft:open_xml_file_format_converter:::mac:::::*	1

SAINT Exploits

Description	Link
Microsoft Excel TXO and OBJ record parsing memory corruption	More info here

OpenVAS Exploits

Date	Description
2008-12-10	Name : Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (... File : nvt/secpod_ms08-074.nasl

Open Source Vulnerability Database (OSVDB)

Id	Description
50557	Microsoft Excel NAME Record Global Array Parsing Memory Corruption Excel, Excel Viewer, Office for Mac and Open XML File Format Converter for Mac contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a spreadsheet with a NAME record that contains an invalid index value triggering stack corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
50556	Microsoft Excel Malformed Object Record Parsing Memory Corruption Excel contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a specially crafted Excel spreadsheet with a malformed object triggering memory corruption when loading the records. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.
50555	Microsoft Excel Malformed Formula Parsing Memory Corruption Excel, Excel Viewer, Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats, Office for Mac and Open XML File Format Converter for Mac contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a specially crafted Excel spreadsheet with a malformed formula triggering pointer corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity.

Snort® IPS/IDS

Date	Description
2019-10-01	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 51364 - Revision : 1 - Type : FILE-OFFICE
2019-10-01	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 51363 - Revision : 1 - Type : FILE-OFFICE
2014-11-16	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 31592 - Revision : 2 - Type : FILE-OFFICE
2014-11-16	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 31591 - Revision : 3 - Type : FILE-OFFICE
2014-02-21	Microsoft Office Excel country record arbitrary code execution attempt RuleID : 29404 - Revision : 2 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 21932 - Revision : 4 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 21931 - Revision : 5 - Type : FILE-OFFICE
2014-01-10	Micrsoft Office Excel TXO and OBJ Records Parsing Stack Memory Corruption RuleID : 17532 - Revision : 14 - Type : FILE-OFFICE
2014-01-10	Microsoft Excel malformed OBJ record memory corruption attempt RuleID : 15117 - Revision : 14 - Type : FILE-OFFICE
2014-01-10	Microsoft Office Excel country record arbitrary code execution attempt RuleID : 13972 - Revision : 23 - Type : FILE-OFFICE

Nessus® Vulnerability Scanner

Date	Description
2010-10-20	Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_dec2008.nasl - Type : ACT_GATHER_INFO
2008-12-10	Name : Arbitrary code can be executed on the remote host through Microsoft Excel. File : smb_nt_ms08-074.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.

Date	Informations
2014-11-16 21:25:20	Multiple Updates
2014-02-21 21:20:37	Multiple Updates
2014-02-17 11:46:08	Multiple Updates
2014-01-19 21:30:16	Multiple Updates
2013-05-11 00:49:25	Multiple Updates

Global Informations

Type	Count
CWE ID(s)	3
Oval ID(s)	3
CPE ID(s)	11
Saint Exploit(s)	1
osvdb(s)	3
Openvas Exploit(s)	1
Snort® Rule(s)	10
Nessus® Exploit(s)	2

	Related
10	HPSBST02394 SSR...
9.3	MS09-027
9.3	MS09-021
9.3	MS09-017
9.3	MS09-009
9.3	MS08-072
9.3	MS08-057
9.3	CVE-2008-4266
9.3	CVE-2008-4265
9.3	CVE-2008-4264
Info : listing not affected by your CVSS Env Score

Same Subject	Severity
Login to view 10 more Alert(s)

9.3 - MS08-074

Executive Summary

Security-Database Scoring CVSS v3

Security-Database Scoring CVSS v2

Detail

Original Source

CWE : Common Weakness Enumeration

OVAL Definitions

CPE : Common Platform Enumeration

SAINT Exploits

OpenVAS Exploits

Open Source Vulnerability Database (OSVDB)

Snort® IPS/IDS

Nessus® Vulnerability Scanner

Alert History

Global Informations

Open Standards

Other Databases

COMPANY

STANDARDS

RECENT POSTS

MENU