Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2008-3020
HistoryAug 12, 2008 - 11:41 p.m.

CVE-2008-3020

2008-08-1223:41:00
CWE-399
[email protected]
web.nvd.nist.gov
30
4
cve-2008-3020
microsoft
office 2000
office xp
office converter pack
works 8
bmp file
vulnerability

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.751 High

EPSS

Percentile

98.2%

JSON

Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the β€œMalformed BMP Filter Vulnerability.”

Affected configurations

NVD
Node
microsoftofficeMatch2000sp3
OR
microsoftofficeMatch2003sp2
OR
microsoftofficeMatchxpsp3
OR
microsoftoffice_converter_pack
OR
microsoftworksMatch8.0

Social References

More

Related

prion 1
securityvulns 3
checkpoint_advisories 2
cvelist 1
nvd 1
seebug 1
nessus 1
openvas 2
prion
prion
Security feature bypass
2008-08-12 23:41:00
securityvulns
securityvulns
iDefense Security Advisory 08.12.08: Microsoft Office BMP Input Filter Heap Overflow Vulnerability
2008-08-13 00:00:00
Microsoft Security Bulletin MS08-044 – Critical Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
2008-08-12 00:00:00
Microsoft Office / Word / Excel / Power Point multiple security vulnerabilities
2008-08-13 00:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Office Image Filter BMP Header Buffer Overflow (MS08-044) - Ver2 (CVE-2008-3020)
2014-04-16 00:00:00
Microsoft Office Image Filter BMP Header Buffer Overflow (MS08-044; CVE-2008-1765; CVE-2008-3020)
2008-08-12 00:00:00
cvelist
cvelist
CVE-2008-3020
2008-08-12 23:00:00
nvd
nvd
CVE-2008-3020
2008-08-12 23:41:00
seebug
seebug
Microsoft Office BMPθΎ“ε…₯θΏ‡ζ»€ε™¨ε †ζΊ’ε‡ΊζΌζ΄žοΌˆMS08-044οΌ‰
2008-08-15 00:00:00
nessus
nessus
MS08-044: Vulnerabilities in Microsoft Office Filters Could Allow Remote Code Execution (924090)
2008-08-13 00:00:00
openvas
openvas
Microsoft Office Filters Could Allow Remote Code Execution Vulnerabilities (924090)
2008-08-19 00:00:00
Microsoft Office Filters Could Allow Remote Code Execution Vulnerabilities (924090)
2008-08-19 00:00:00

9.3 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

7.3 High

AI Score

Confidence

Low

0.751 High

EPSS

Percentile

98.2%

JSON
Related for CVE-2008-3020
prion1securityvulns3checkpoint_advisories2cvelist1nvd1seebug1nessus1openvas2