Executive Summary
| Summary | |
|---|---|
| Title | Vulnerabilities in Microsoft Office Could Allow Remote Code Execution (949030) |
| Informations | |||
|---|---|---|---|
| Name | MS08-016 | First vendor Publication | 2008-03-11 |
| Vendor | Microsoft | Last vendor Modification | 2008-03-11 |
| Severity (Vendor) | Critical | Revision | N/A |
Security-Database Scoring CVSS v3
| Cvss vector : N/A | |||
|---|---|---|---|
| Overall CVSS Score | NA | ||
| Base Score | NA | Environmental Score | NA |
| impact SubScore | NA | Temporal Score | NA |
| Exploitabality Sub Score | NA | ||
| Calculate full CVSS 3.0 Vectors scores | |||
Security-Database Scoring CVSS v2
| Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
|---|---|---|---|
| Cvss Base Score | 9.3 | Attack Range | Network |
| Cvss Impact Score | 10 | Attack Complexity | Medium |
| Cvss Expoit Score | 8.6 | Authentication | None Required |
| Calculate full CVSS 2.0 Vectors scores | |||
Detail
| This security update resolves two privately reported vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a malformed Office file. An attacker who successfully exploited this vulnerability could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
CWE : Common Weakness Enumeration
| % | Id | Name |
|---|---|---|
| 100 % | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
OVAL Definitions
| Definition Id: oval:org.mitre.oval:def:5190 | |||
| Oval ID: | oval:org.mitre.oval:def:5190 | ||
| Title: | Microsoft Office Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0118 | Version: | 5 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows XP | Product(s): | Microsoft Office 2000 Microsoft Office 2002 Microsoft Office 2003 |
| Definition Synopsis: | |||
| |||
| Definition Id: oval:org.mitre.oval:def:5421 | |||
| Oval ID: | oval:org.mitre.oval:def:5421 | ||
| Title: | Microsoft Office Cell Parsing Memory Corruption Vulnerability | ||
| Description: | Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability." | ||
| Family: | windows | Class: | vulnerability |
| Reference(s): | CVE-2008-0113 | Version: | 3 |
| Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 | Product(s): | Microsoft Word Viewer Microsoft Excel Viewer |
| Definition Synopsis: | |||
CPE : Common Platform Enumeration
| Type | Description | Count |
|---|---|---|
| Application | 1 | |
| Application | 4 |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Office Drawing Shapes memory corruption vulnerability | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 2008-03-30 | Microsoft Office XP SP3 PPT File Buffer Overflow Exploit (ms08-016) |
Open Source Vulnerability Database (OSVDB)
| Id | Description |
|---|---|
| 42709 | Microsoft Office Unspecified Malformed Document Handling Memory Corruption An unspecified memory corruption flaw exists in Office. With a specially crafted Office file, an attacker can cause arbitrary code execution resulting in a loss of integrity. |
| 42708 | Microsoft Office Excel Document (XLS) Cell Record Rebuilding Memory Corruption |
Information Assurance Vulnerability Management (IAVM)
| Date | Description |
|---|---|
| 2008-03-13 | IAVM : 2008-A-0014 - Microsoft Office Remote Code Execution Vulnerabilities Severity : Category II - VMSKEY : V0015761 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2014-01-10 | Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt RuleID : 26663 - Revision : 3 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt RuleID : 25587 - Revision : 6 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt RuleID : 18514 - Revision : 15 - Type : FILE-OFFICE |
| 2014-01-10 | Microsoft Office PowerPoint malformed shapeid arbitrary code execution attempt RuleID : 13572 - Revision : 22 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
| Date | Description |
|---|---|
| 2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_mar2008.nasl - Type : ACT_GATHER_INFO |
| 2008-03-11 | Name : Arbitrary code can be executed on the remote host through Microsoft Office. File : smb_nt_ms08-016.nasl - Type : ACT_GATHER_INFO |
Alert History
| Date | Informations |
|---|---|
| 2014-02-17 11:45:55 |
|
| 2014-01-19 21:30:10 |
|
| 2013-11-11 12:41:07 |
|
| 2013-05-11 00:49:18 |
|
