Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3006
HistoryAug 12, 2008 - 11:41 p.m.

CVE-2008-3006

2008-08-1223:41:00
CWE-399
[email protected]
web.nvd.nist.gov
24
microsoft office
excel
sharepoint
remote attack
arbitrary code
vulnerability
cve-2008-3006

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.706 High

EPSS

Percentile

98.0%

JSON

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country record values when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the “Excel Record Parsing Vulnerability.”

Affected configurations

NVD
Node
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatch2003sp3
OR
microsoftofficeMatch2007gold
OR
microsoftofficeMatch2007sp1
OR
microsoftofficeMatchxpsp3
OR
microsoftoffice_compatibility_packMatch2007gold
OR
microsoftoffice_compatibility_packMatch2007sp1
OR
microsoftoffice_excel_viewerMatch2003
OR
microsoftoffice_excel_viewerMatch2003gold
OR
microsoftoffice_excel_viewerMatch2003sp1
OR
microsoftsharepoint_serverMatch2007gold
OR
microsoftsharepoint_serverMatch2007sp1
Node
microsoftofficeMatch2004mac
OR
microsoftofficeMatch2008mac

Related

prion 1
nvd 1
cvelist 1
checkpoint_advisories 1
securityvulns 3
zdi 1
seebug 1
openvas 2
nessus 2
prion
prion
Spoofing
2008-08-12 23:41:00
nvd
nvd
CVE-2008-3006
2008-08-12 23:41:00
cvelist
cvelist
CVE-2008-3006
2008-08-12 23:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel COUNTRY Record Parsing Memory Corruption (MS08-043; CVE-2008-3006)
2008-08-12 00:00:00
securityvulns
securityvulns
ZDI-08-048: Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
2008-08-13 00:00:00
Microsoft Security Bulletin MS08-043 – Critical Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
2008-08-12 00:00:00
Microsoft Office / Word / Excel / Power Point multiple security vulnerabilities
2008-08-13 00:00:00
zdi
zdi
Microsoft Excel COUNTRY Record Memory Corruption Vulnerability
2008-08-12 00:00:00
seebug
seebug
Microsoft Excel COUNTRY记录内存破坏漏洞(MS08-043)
2008-08-15 00:00:00
openvas
openvas
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
2008-08-19 00:00:00
Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
2008-08-19 00:00:00
nessus
nessus
MS08-043: Vulnerabilities in Microsoft Excel Could Allow Remote Code Execution (954066)
2008-08-13 00:00:00
MS08-043 / MS08-051: Vulnerabilities in Microsoft Could Allow Remote Code Execution (954066 / 949785) (Mac OS X)
2010-10-20 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.706 High

EPSS

Percentile

98.0%

JSON
Related for CVE-2008-3006
prion1nvd1cvelist1checkpoint_advisories1securityvulns3zdi1seebug1openvas2nessus2