CVE-2008-0103

2008-02-1300:00:00

CWE-399

[email protected]

web.nvd.nist.gov

microsoft

office

vulnerability

remote attackers

arbitrary code

memory handling error

nvd

cve-2008-0103

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.6 High

AI Score

Confidence

Low

0.425 Medium

EPSS

Percentile

97.3%

JSON

Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a “memory handling error,” aka “Microsoft Office Execution Jump Vulnerability.”

Affected configurations

NVD

Node

microsoftofficeMatch2000sp3

microsoftofficeMatch2003sp2

microsoftofficeMatch2004mac\+os

microsoftofficeMatchxpsp3

CPENameOperatorVersion
microsoft:officemicrosoft officeeq2000
microsoft:officemicrosoft officeeq2003
microsoft:officemicrosoft officeeq2004
microsoft:officemicrosoft officeeqxp

CPE	Name	Operator	Version
microsoft:office	microsoft office	eq	2000
microsoft:office	microsoft office	eq	2003
microsoft:office	microsoft office	eq	2004
microsoft:office	microsoft office	eq	xp