Vulnerability Details : CVE-2008-0109
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption.
Vulnerability category: Memory CorruptionExecute code
Products affected by CVE-2008-0109
- cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*
- cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2008-0109
79.91%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 99 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2008-0109
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
9.3
|
HIGH | AV:N/AC:M/Au:N/C:C/I:C/A:C |
8.6
|
10.0
|
NIST |
CWE ids for CVE-2008-0109
-
Assigned by: nvd@nist.gov (Primary)
References for CVE-2008-0109
-
http://www.securityfocus.com/archive/1/488071/100/0/threaded
-
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
Page Not Found | CISAUS Government Resource
-
http://www.vupen.com/english/advisories/2008/0511/references
Vendor Advisory
-
http://marc.info/?l=bugtraq&m=120361015026386&w=2
'[security bulletin] HPSBST02314 SSRT080016 rev.1 - Storage Management Appliance (SMA), Microsoft Pat' - MARC
-
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-009
-
http://www.securitytracker.com/id?1019374
-
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5073
-
http://www.securityfocus.com/bid/27656
-
http://www.kb.cert.org/vuls/id/692417
US Government Resource
Jump to