exploitDog

CVE-2008-3018

Опубликовано: 12 авг. 2008

Источник: nvd

CVSS2: 9.3

EPSS Средний

Описание

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одновременно

cpe:2.3:o:microsoft:windows_nt:xp:sp3:*:*:*:*:*:*

Одно из

cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*

cpe:2.3:a:microsoft:office_converter_pack:*:*:*:*:*:*:*:*

cpe:2.3:a:microsoft:works:8.0:*:*:*:*:*:*:*

EPSS

Процентиль: 98%

0.50102

Средний

9.3 Critical

CVSS2

Дефекты

CWE-94

Связанные уязвимости

GHSA-wf8r-hqj6-cr36

github

почти 4 года назад

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.

EPSS

Процентиль: 98%

0.50102

Средний

9.3 Critical

CVSS2

Дефекты

CWE-94