Vulnerability Details : CVE-2008-4211

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."

Vulnerability category: Execute codeDenial of service

Published 2008-10-10 10:30:05

Updated 2021-05-23 00:52:45

Source MITRE

View at NVD, CVE.org

Exploit prediction scoring system (EPSS) score for CVE-2008-4211

Probability of exploitation activity in the next 30 days: 3.55%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 90 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2008-4211

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
10.0	HIGH	AV:N/AC:L/Au:N/C:C/I:C/A:C	10.0	10.0	[email protected]
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Complete Integrity Impact: Complete Availability Impact: Complete

CWE ids for CVE-2008-4211

CWE-189

Assigned by: [email protected] (Primary)

References for CVE-2008-4211

Products affected by CVE-2008-4211

Apple » Mac Os X » Version: 10.5.5
cpe:2.3:o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
Matching versions
Apple » Mac Os X Server » Version: 10.5.5
cpe:2.3:o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.1
cpe:2.3:o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.0.1 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.5 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.0.0 Iphone Edition
cpe:2.3:o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.1 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.2 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.3 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.4 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.0.2 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.0 Iphone Edition
cpe:2.3:o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.0.1 Iphone Edition
cpe:2.3:o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.4 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.3 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.1 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.0.2 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.0.1 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.0 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 2.0.0 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.5 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.1.2 Ipodtouch Edition
cpe:2.3:o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
Matching versions
Apple » Iphone Os » Version: 1.0.0
cpe:2.3:o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
Matching versions