Detections
Analytics

CVE-2008-0119

high

Description

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability."

References

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5303

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-027

http://www.vupen.com/english/advisories/2008/1505/references

http://www.us-cert.gov/cas/techalerts/TA08-134A.html

http://www.securitytracker.com/id?1020015

http://www.securityfocus.com/bid/29158

http://www.securityfocus.com/archive/1/492073/100/0/threaded

http://secunia.com/advisories/30150

http://marc.info/?l=bugtraq&m=121129490723574&w=2

Details

Source: Mitre, NVD

Published: 2008-05-13

Updated: 2024-11-21

Risk Information

CVSS v2

Base Score: 9.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C

Severity: High

CVSS v3

Base Score: 7.8

Vector: CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Severity: High