Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (959070) |
Informations | |||
---|---|---|---|
Name | MS08-074 | First vendor Publication | 2008-12-09 |
Vendor | Microsoft | Last vendor Modification | 2009-01-28 |
Severity (Vendor) | Critical | Revision | 2.0 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:M/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 9.3 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Medium |
Cvss Expoit Score | 8.6 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V2.0 (January 28, 2009): Added a footnote to the Affected Software table and two entries to the section, Frequently Asked Questions (FAQ) Related to this Security Update, pertaining to security updates KB958437 and KB958439 for supported versions of Microsoft Office Excel 2007. There were no changes to the security update binaries or detection. Customers with Microsoft Office Excel 2007 or Microsoft Office Excel 2007 Service Pack 1 who have already successfully installed KB958437 and KB958439 do not need to reinstall.Summary: This security update resolves three privately reported vulnerabilities in Microsoft Office Excel that could allow remote code execution if a user opens a specially crafted Excel file. An attacker who successfully exploited these vulnerabilities could take complete control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. |
Original Source
Url : http://www.microsoft.com/technet/security/bulletin/MS08-074.mspx |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
100 % | CWE-399 | Resource Management Errors |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:5556 | |||
Oval ID: | oval:org.mitre.oval:def:5556 | ||
Title: | File Format Parsing Vulnerability | ||
Description: | Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-4264 | Version: | 10 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Office Excel Viewer 2003 Microsoft Office Excel Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:5614 | |||
Oval ID: | oval:org.mitre.oval:def:5614 | ||
Title: | File Format Parsing Vulnerability | ||
Description: | Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-4265 | Version: | 5 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Excel 2000 |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:5808 | |||
Oval ID: | oval:org.mitre.oval:def:5808 | ||
Title: | Excel Global Array Memory Corruption Vulnerability | ||
Description: | Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an invalid index value, which triggers stack corruption, aka "Excel Global Array Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2008-4266 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows XP Microsoft Windows Server 2003 Microsoft Windows Vista Microsoft Windows Server 2008 | Product(s): | Microsoft Excel 2000 Microsoft Excel 2002 Microsoft Excel 2003 Microsoft Office Excel Viewer 2003 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
Type | Description | Count |
---|---|---|
Application | 3 | |
Application | 2 | |
Application | 2 | |
Application | 3 | |
Application | 1 |
SAINT Exploits
Description | Link |
---|---|
Microsoft Excel TXO and OBJ record parsing memory corruption | More info here |
OpenVAS Exploits
Date | Description |
---|---|
2008-12-10 | Name : Vulnerabilities in Microsoft Office Excel Could Allow Remote Code Execution (... File : nvt/secpod_ms08-074.nasl |
Open Source Vulnerability Database (OSVDB)
Id | Description |
---|---|
50557 | Microsoft Excel NAME Record Global Array Parsing Memory Corruption Excel, Excel Viewer, Office for Mac and Open XML File Format Converter for Mac contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a spreadsheet with a NAME record that contains an invalid index value triggering stack corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
50556 | Microsoft Excel Malformed Object Record Parsing Memory Corruption Excel contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a specially crafted Excel spreadsheet with a malformed object triggering memory corruption when loading the records. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
50555 | Microsoft Excel Malformed Formula Parsing Memory Corruption Excel, Excel Viewer, Office Compatibility Pack for Word, Excel and PowerPoint 2007 File Formats, Office for Mac and Open XML File Format Converter for Mac contains a flaw that may allow a malicious user to execute arbitrary code. The issue is triggered when Excel processes a specially crafted Excel spreadsheet with a malformed formula triggering pointer corruption. It is possible that the flaw may allow arbitrary code execution resulting in a loss of integrity. |
Snort® IPS/IDS
Date | Description |
---|---|
2019-10-01 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 51364 - Revision : 1 - Type : FILE-OFFICE |
2019-10-01 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 51363 - Revision : 1 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 31592 - Revision : 2 - Type : FILE-OFFICE |
2014-11-16 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 31591 - Revision : 3 - Type : FILE-OFFICE |
2014-02-21 | Microsoft Office Excel country record arbitrary code execution attempt RuleID : 29404 - Revision : 2 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 21932 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel TXO and OBJ records parsing stack memory corruption at... RuleID : 21931 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Micrsoft Office Excel TXO and OBJ Records Parsing Stack Memory Corruption RuleID : 17532 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Excel malformed OBJ record memory corruption attempt RuleID : 15117 - Revision : 14 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel country record arbitrary code execution attempt RuleID : 13972 - Revision : 23 - Type : FILE-OFFICE |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2010-10-20 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms_office_dec2008.nasl - Type : ACT_GATHER_INFO |
2008-12-10 | Name : Arbitrary code can be executed on the remote host through Microsoft Excel. File : smb_nt_ms08-074.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-11-16 21:25:20 |
|
2014-02-21 21:20:37 |
|
2014-02-17 11:46:08 |
|
2014-01-19 21:30:16 |
|
2013-05-11 00:49:25 |
|