9.3

CVE-2008-0105

Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
MicrosoftOffice Version2003 Updatesp2
MicrosoftOffice Version2003 Updatesp3
MicrosoftWorks Version8.0
MicrosoftWorks Version2005
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 43.76% 0.986
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
US Government Resource
http://secunia.com/advisories/28904
http://www.vupen.com/english/advisories/2008/0513/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011
http://www.securityfocus.com/bid/27658
http://www.securitytracker.com/id?1019387
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5009