8.5

CVE-2008-4254

EPSS 55.04%
Veröffentlicht 10.12.2008 14:00:00
Zuletzt bearbeitet 09.04.2025 00:30:58
Quelle secure@microsoft.com
Teams Watchlist Login
Unerledigt Login

Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the "system state," aka "Hierarchical FlexGrid Control Memory Corruption Vulnerability."

Betroffene Produkte Warnungen 0 Metriken 2 CWE 0 Referenzen 11

Daten sind bereitgestellt durch National Vulnerability Database (NVD)

Microsoft ≫ Office Frontpage Version2002 Updatesp3

Microsoft ≫ Project Version2003 Updatesp3

Microsoft ≫ Project Version2007

Microsoft ≫ Project Version2007 Updatesp1

Microsoft ≫ Visual Basic Version6.0 Editionruntime_extended_files

Microsoft ≫ Visual Foxpro Version8.0 Updatesp1

Microsoft ≫ Visual Foxpro Version9.0 Updatesp1

Microsoft ≫ Visual Foxpro Version9.0 Updatesp2

Microsoft ≫ Visual Studio .Net Version2002 Updatesp1

Microsoft ≫ Visual Studio .Net Version2003 Updatesp1

Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.

EPSS Metriken
Typ	Quelle	Score	Percentile
EPSS	FIRST.org	55.04%	0.979

CVSS Metriken
Quelle	Base Score	Exploit Score	Impact Score	Vector String
nvd@nist.gov	8.5	6.8	10	AV:N/AC:M/Au:S/C:C/I:C/A:C

http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm

http://www.us-cert.gov/cas/techalerts/TA08-344A.html

US Government Resource

http://www.vupen.com/english/advisories/2008/3382

Vendor Advisory

https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-070

http://www.securitytracker.com/id?1021369

http://secunia.com/secunia_research/2007-72/

Vendor Advisory

http://www.securityfocus.com/archive/1/499059/100/0/threaded

https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5805

https://nvd.nist.gov/vuln/detail/CVE-2008-4254

CVE Source (NVD)

https://cveawg.mitre.org/api/cve/CVE-2008-4254

CVE Source (JSON)

https://euvd.enisa.europa.eu/vulnerability/CVE-2008-4254

EUVD