CVE-2008-0113

high

Description

Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5421

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016

http://www.zerodayinitiative.com/advisories/ZDI-08-008

http://www.vupen.com/english/advisories/2008/0848/references

http://www.us-cert.gov/cas/techalerts/TA08-071A.html

http://www.securitytracker.com/id?1019578

http://www.securityfocus.com/archive/1/489415/100/0/threaded

http://secunia.com/advisories/29321

http://marc.info/?l=bugtraq&m=120585858807305&w=2

Details

Source: Mitre, NVD

Published: 2008-03-11

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High