Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (949029) |
Informations | |||
---|---|---|---|
Name | MS08-014 | First vendor Publication | 2008-03-11 |
Vendor | Microsoft | Last vendor Modification | 2008-10-01 |
Severity (Vendor) | Critical | Revision | 3.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V3.3 (October 1, 2008): Added entry to the section, Frequently Asked Questions (FAQ) Related to This Security Update, to explain what components of the Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats are updated by this bulletin. This is an informational change only. There were no changes to the security update binaries. Summary: This security update resolves several privately reported and publicly reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS08-014.mspx |
CAPEC : Common Attack Pattern Enumeration & Classification
Id | Name |
---|---|
CAPEC-26 | Leveraging Race Conditions |
CAPEC-29 | Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions |
CAPEC-172 | Time and State Attacks |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
83 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
17 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5114 | |||
Oval ID: | oval:org.mitre.oval:def:5114 | ||
Title: | Excel Data Validation Record Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0111 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel Viewer 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5212 | |||
Oval ID: | oval:org.mitre.oval:def:5212 | ||
Title: | Excel Rich Text Validation Vulnerability | ||
Description: | Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0116 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel Viewer 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5284 | |||
Oval ID: | oval:org.mitre.oval:def:5284 | ||
Title: | Excel File Import Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0112 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5456 | |||
Oval ID: | oval:org.mitre.oval:def:5456 | ||
Title: | Excel Style Record Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0114 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel Viewer 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5508 | |||
Oval ID: | oval:org.mitre.oval:def:5508 | ||
Title: | Excel Conditional Formatting Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0117 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5512 | |||
Oval ID: | oval:org.mitre.oval:def:5512 | ||
Title: | Excel Formula Parsing Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0115 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel Viewer 2003 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5546 | |||
Oval ID: | oval:org.mitre.oval:def:5546 | ||
Title: | Macro Validation Vulnerability | ||
Description: | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-0081 | Version: | 8 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel Viewer 2003 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 1 | |
Application | 4 | |
Application | 1 | |
Application |
| 7 |
Application | 1 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Excel conditional formatting vulnerability | More info here |
Microsoft Excel rtAFDesc record invalid pointer access | More info here |
ExploitDB Exploits
id | Description |
---|---|
2008-03-21 | Microsoft Office Excel Code Execution Exploit (MS08-014) |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
42732 | Microsoft Excel Macro Validation Unspecified Code Execution Excel contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel fails to validate specially-crafted macros. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
42731 | Microsoft Excel Conditional Formatting Value Unspecified Code Execution |
42730 | Microsoft Excel BIFF File Format Rich Text Tag Malformed Tag Memory Corruption A buffer overflow exists in Excel. The program fails to validate BIFF files resulting in a heap overflow. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
42725 | Microsoft Excel XLS Malformed Formula Memory Corruption |
42724 | Microsoft Excel Style Record Handling Memory Corruption |
42723 | Microsoft Excel SLK File Import Unspecified Arbitrary Code Execution A code execution flaw exists in Excel. The Import function fails to validate SLK files resulting in code execution via an unspecified vector. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
42722 | Microsoft Excel BIFF8 Spreadsheet DVAL Record Handling Arbitrary Code Execution |
40344 | Microsoft Excel Malformed Header File Handling Remote Code Execution An unspecified memory corruption flaw exists in Excel. With a specially crafted file, a context-dependent attacker can cause arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2014-11-19 | Microsoft Office Excel style record overflow attempt RuleID : 32206 - Revision : 2 - Type : FILE-OFFICE |
2014-01-10 | Microsoft SYmbolic LinK file magic detected RuleID : 23701 - Revision : 12 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 23459 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 23458 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 23457 - Revision : 3 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel style record overflow attempt RuleID : 22052 - Revision : 8 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 21158 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 21157 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 21156 - Revision : 6 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel File Importing Code Execution RuleID : 20062 - Revision : 13 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel malformed formula parsing code execution attempt RuleID : 17655 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft SYmbolic LinK file magic detected RuleID : 13585 - Revision : 21 - Type : FILE-IDENTIFY |
2014-01-10 | CSV file download request RuleID : 13584 - Revision : 21 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft SYmbolic LinK file download request RuleID : 13583 - Revision : 24 - Type : FILE-IDENTIFY |
2014-01-10 | Microsoft Excel sst record arbitrary code execution attempt RuleID : 13582 - Revision : 15 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel dval record arbitrary code execution attempt RuleID : 13571 - Revision : 24 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel cf record arbitrary code excecution attempt RuleID : 13570 - Revision : 21 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel macro validation arbitrary code execution attempt RuleID : 13569 - Revision : 15 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_mar2008.nasl - Type : ACT_GATHER_INFO |
2008-03-11 | Name : Arbitrary code can be executed on the remote host through Microsoft Excel. File : smb_nt_ms08-014.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-19 21:23:19 |
|
2014-02-17 11:45:54 |
|
2014-01-19 21:30:10 |
|
2013-05-11 00:49:18 |
|