9.3

CVE-2008-4264

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Parsing Vulnerability."

Data is provided by the National Vulnerability Database (NVD)
MicrosoftOffice Excel Version2000 Updatesp3
   MicrosoftOffice Excel Version2007
   MicrosoftOffice Excel Version2007 Updatesp1
   Microsoft20007 Office System
   Microsoft20007 Office System Versionsp1
   MicrosoftOffice Version2000 Updatesp3
   MicrosoftOffice Version2003 Updatesp3
   MicrosoftOffice Versionxp Updatesp3
MicrosoftOffice Excel Version2002 Updatesp3
   MicrosoftOffice Excel Version2007
   MicrosoftOffice Excel Version2007 Updatesp1
   Microsoft20007 Office System
   Microsoft20007 Office System Versionsp1
   MicrosoftOffice Version2000 Updatesp3
   MicrosoftOffice Version2003 Updatesp3
   MicrosoftOffice Versionxp Updatesp3
MicrosoftOffice Excel Version2003 Updatesp3
   MicrosoftOffice Excel Version2007
   MicrosoftOffice Excel Version2007 Updatesp1
   Microsoft20007 Office System
   Microsoft20007 Office System Versionsp1
   MicrosoftOffice Version2000 Updatesp3
   MicrosoftOffice Version2003 Updatesp3
   MicrosoftOffice Versionxp Updatesp3
MicrosoftOffice Version2004 Editionmac
MicrosoftOffice Version2008 Editionmac
MicrosoftOffice Excel Viewer Version2003
MicrosoftOffice Excel Viewer Version2003 Updatesp3
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Type Source Score Percentile
EPSS FIRST.org 62.48% 0.983
CVSS Metriken
Source Base Score Exploit Score Impact Score Vector string
nvd@nist.gov 9.3 8.6 10
AV:N/AC:M/Au:N/C:C/I:C/A:C