Lucene search

[email protected]CVE-2008-0112

HistoryMar 11, 2008 - 11:44 p.m.

CVE-2008-0112

2008-03-1123:44:00

CWE-94

[email protected]

web.nvd.nist.gov

microsoft

excel

vulnerability

remote code execution

slk file

nvd

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.811 High

EPSS

Percentile

98.4%

JSON

Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka “Excel File Import Vulnerability.”

Affected configurations

NVD

Node

microsoftexcelMatch2000sp3

microsoftofficeMatch2004mac

microsoftofficeMatch2008mac

CPENameOperatorVersion
microsoft:excelmicrosoft exceleq2000
microsoft:officemicrosoft officeeq2004
microsoft:officemicrosoft officeeq2008

CPE	Name	Operator	Version
microsoft:excel	microsoft excel	eq	2000
microsoft:office	microsoft office	eq	2004
microsoft:office	microsoft office	eq	2008

References

marc.info/?l=bugtraq&m=120585858807305&w=2

www.securityfocus.com/bid/28095

www.securitytracker.com/id?1019583

www.us-cert.gov/cas/techalerts/TA08-071A.html

www.vupen.com/english/advisories/2008/0846/references

docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5284

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

9.5 High

AI Score

Confidence

High

0.811 High

EPSS

Percentile

98.4%

JSON

Related for CVE-2008-0112

cvelist1 checkpoint_advisories2 prion1 nvd1 seebug1 nessus2 securityvulns2