cvelistv5 - cve-2008-0081

cve-2008-0081

Vulnerability from cvelistv5

Published

2008-01-16 22:00

Modified

2025-01-17 15:12

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://secunia.com/advisories/28506	Broken Link, Vendor Advisory
secure@microsoft.com	http://securitytracker.com/id?1019200	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.microsoft.com/technet/security/advisory/947563.mspx	Broken Link, Patch, Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/27305	Broken Link, Patch, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA08-071A.html	Broken Link, Third Party Advisory, US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2008/0146	Broken Link, Vendor Advisory
secure@microsoft.com	http://www.vupen.com/english/advisories/2008/0846/references	Broken Link, Vendor Advisory
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014	Patch, Vendor Advisory
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/39699	Third Party Advisory, VDB Entry
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28506	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019200	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/947563.mspx	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27305	Broken Link, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-071A.html	Broken Link, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0146	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0846/references	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39699	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546	Broken Link

Impacted products

Vendor

Product

Version

▼

n/a

Version: n/a

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-07T07:32:24.157Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "1019200",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://securitytracker.com/id?1019200"
          },
          {
            "name": "oval:org.mitre.oval:def:5546",
            "tags": [
              "vdb-entry",
              "signature",
              "x_refsource_OVAL",
              "x_transferred"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
          },
          {
            "name": "microsoft-excel-unspecified-code-execution(39699)",
            "tags": [
              "vdb-entry",
              "x_refsource_XF",
              "x_transferred"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
          },
          {
            "name": "TA08-071A",
            "tags": [
              "third-party-advisory",
              "x_refsource_CERT",
              "x_transferred"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
          },
          {
            "name": "947563",
            "tags": [
              "vendor-advisory",
              "x_refsource_MSKB",
              "x_transferred"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
          },
          {
            "name": "27305",
            "tags": [
              "vdb-entry",
              "x_refsource_BID",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/bid/27305"
          },
          {
            "name": "MS08-014",
            "tags": [
              "vendor-advisory",
              "x_refsource_MS",
              "x_transferred"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
          },
          {
            "name": "SSRT080028",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
          },
          {
            "name": "HPSBST02320",
            "tags": [
              "vendor-advisory",
              "x_refsource_HP",
              "x_transferred"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
          },
          {
            "name": "ADV-2008-0146",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0146"
          },
          {
            "name": "ADV-2008-0846",
            "tags": [
              "vdb-entry",
              "x_refsource_VUPEN",
              "x_transferred"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0846/references"
          },
          {
            "name": "28506",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/28506"
          }
        ],
        "title": "CVE Program Container"
      },
      {
        "metrics": [
          {
            "cvssV3_1": {
              "attackComplexity": "LOW",
              "attackVector": "NETWORK",
              "availabilityImpact": "HIGH",
              "baseScore": 9.8,
              "baseSeverity": "CRITICAL",
              "confidentialityImpact": "HIGH",
              "integrityImpact": "HIGH",
              "privilegesRequired": "NONE",
              "scope": "UNCHANGED",
              "userInteraction": "NONE",
              "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
              "version": "3.1"
            }
          },
          {
            "other": {
              "content": {
                "id": "CVE-2008-0081",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "yes"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2024-02-09T18:08:19.346727Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "problemTypes": [
          {
            "descriptions": [
              {
                "cweId": "CWE-908",
                "description": "CWE-908 Use of Uninitialized Resource",
                "lang": "en",
                "type": "CWE"
              }
            ]
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-01-17T15:12:25.745Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2008-01-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-12T19:57:01",
        "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "shortName": "microsoft"
      },
      "references": [
        {
          "name": "1019200",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://securitytracker.com/id?1019200"
        },
        {
          "name": "oval:org.mitre.oval:def:5546",
          "tags": [
            "vdb-entry",
            "signature",
            "x_refsource_OVAL"
          ],
          "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
        },
        {
          "name": "microsoft-excel-unspecified-code-execution(39699)",
          "tags": [
            "vdb-entry",
            "x_refsource_XF"
          ],
          "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
        },
        {
          "name": "TA08-071A",
          "tags": [
            "third-party-advisory",
            "x_refsource_CERT"
          ],
          "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
        },
        {
          "name": "947563",
          "tags": [
            "vendor-advisory",
            "x_refsource_MSKB"
          ],
          "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
        },
        {
          "name": "27305",
          "tags": [
            "vdb-entry",
            "x_refsource_BID"
          ],
          "url": "http://www.securityfocus.com/bid/27305"
        },
        {
          "name": "MS08-014",
          "tags": [
            "vendor-advisory",
            "x_refsource_MS"
          ],
          "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
        },
        {
          "name": "SSRT080028",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
        },
        {
          "name": "HPSBST02320",
          "tags": [
            "vendor-advisory",
            "x_refsource_HP"
          ],
          "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
        },
        {
          "name": "ADV-2008-0146",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0146"
        },
        {
          "name": "ADV-2008-0846",
          "tags": [
            "vdb-entry",
            "x_refsource_VUPEN"
          ],
          "url": "http://www.vupen.com/english/advisories/2008/0846/references"
        },
        {
          "name": "28506",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/28506"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secure@microsoft.com",
          "ID": "CVE-2008-0081",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "1019200",
              "refsource": "SECTRACK",
              "url": "http://securitytracker.com/id?1019200"
            },
            {
              "name": "oval:org.mitre.oval:def:5546",
              "refsource": "OVAL",
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
            },
            {
              "name": "microsoft-excel-unspecified-code-execution(39699)",
              "refsource": "XF",
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
            },
            {
              "name": "TA08-071A",
              "refsource": "CERT",
              "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
            },
            {
              "name": "947563",
              "refsource": "MSKB",
              "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
            },
            {
              "name": "27305",
              "refsource": "BID",
              "url": "http://www.securityfocus.com/bid/27305"
            },
            {
              "name": "MS08-014",
              "refsource": "MS",
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
            },
            {
              "name": "SSRT080028",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
            },
            {
              "name": "HPSBST02320",
              "refsource": "HP",
              "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
            },
            {
              "name": "ADV-2008-0146",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0146"
            },
            {
              "name": "ADV-2008-0846",
              "refsource": "VUPEN",
              "url": "http://www.vupen.com/english/advisories/2008/0846/references"
            },
            {
              "name": "28506",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/28506"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
    "assignerShortName": "microsoft",
    "cveId": "CVE-2008-0081",
    "datePublished": "2008-01-16T22:00:00",
    "dateReserved": "2008-01-03T00:00:00",
    "dateUpdated": "2025-01-17T15:12:25.745Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"439B26BA-376C-4D6B-B7BA-B66B8BDA8E37\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*\", \"matchCriteriaId\": \"896E23B1-AB34-43FF-96F3-BA6ED7F162AF\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*\", \"matchCriteriaId\": \"A07483B7-E30C-43F3-B54B-2864BE9AD704\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"FDB0020C-A804-4003-B411-1AC7A6E7193E\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*\", \"matchCriteriaId\": \"0B191155-67F2-4C6E-BD0C-AF5AF6F04BA1\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \\\"Macro Validation Vulnerability,\\\" a different vulnerability than CVE-2007-3490.\"}, {\"lang\": \"es\", \"value\": \"Una vulnerabilidad no especificada en Microsoft Excel 2000 SP3 hasta 2003 SP2, Viewer 2003 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar c\\u00f3digo arbitrario por medio de macros dise\\u00f1adas, tambi\\u00e9n se conoce como \\\"VMacro Validation Vulnerability,\\\" una vulnerabilidad diferente de CVE-2007-3490.\"}]",
      "id": "CVE-2008-0081",
      "lastModified": "2024-11-21T00:41:07.470",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:M/Au:N/C:C/I:C/A:C\", \"baseScore\": 9.3, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"MEDIUM\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"COMPLETE\", \"integrityImpact\": \"COMPLETE\", \"availabilityImpact\": \"COMPLETE\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 8.6, \"impactScore\": 10.0, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2008-01-16T23:00:00.000",
      "references": "[{\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://secunia.com/advisories/28506\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019200\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/947563.mspx\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27305\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0146\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0846/references\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\", \"source\": \"secure@microsoft.com\", \"tags\": [\"Broken Link\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\"]}, {\"url\": \"http://secunia.com/advisories/28506\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://securitytracker.com/id?1019200\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/947563.mspx\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"http://www.securityfocus.com/bid/27305\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Patch\", \"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Third Party Advisory\", \"US Government Resource\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0146\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0846/references\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\", \"Vendor Advisory\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\", \"VDB Entry\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Broken Link\"]}]",
      "sourceIdentifier": "secure@microsoft.com",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-908\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2008-0081\",\"sourceIdentifier\":\"secure@microsoft.com\",\"published\":\"2008-01-16T23:00:00.000\",\"lastModified\":\"2025-01-17T16:15:24.647\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \\\"Macro Validation Vulnerability,\\\" a different vulnerability than CVE-2007-3490.\"},{\"lang\":\"es\",\"value\":\"Una vulnerabilidad no especificada en Microsoft Excel 2000 SP3 hasta 2003 SP2, Viewer 2003 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de macros dise\u00f1adas, tambi\u00e9n se conoce como \\\"VMacro Validation Vulnerability,\\\" una vulnerabilidad diferente de CVE-2007-3490.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:M/Au:N/C:C/I:C/A:C\",\"baseScore\":9.3,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"MEDIUM\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"COMPLETE\",\"integrityImpact\":\"COMPLETE\",\"availabilityImpact\":\"COMPLETE\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":8.6,\"impactScore\":10.0,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]},{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-908\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"439B26BA-376C-4D6B-B7BA-B66B8BDA8E37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"896E23B1-AB34-43FF-96F3-BA6ED7F162AF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*\",\"matchCriteriaId\":\"A07483B7-E30C-43F3-B54B-2864BE9AD704\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"FDB0020C-A804-4003-B411-1AC7A6E7193E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*\",\"matchCriteriaId\":\"0B191155-67F2-4C6E-BD0C-AF5AF6F04BA1\"}]}]}],\"references\":[{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/28506\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019200\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/947563.mspx\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27305\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0146\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0846/references\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\",\"source\":\"secure@microsoft.com\",\"tags\":[\"Broken Link\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\"]},{\"url\":\"http://secunia.com/advisories/28506\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://securitytracker.com/id?1019200\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.microsoft.com/technet/security/advisory/947563.mspx\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/bid/27305\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Patch\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Third Party Advisory\",\"US Government Resource\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0146\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"http://www.vupen.com/english/advisories/2008/0846/references\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\",\"Vendor Advisory\"]},{\"url\":\"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Broken Link\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CVE Program Container\", \"references\": [{\"url\": \"http://securitytracker.com/id?1019200\", \"name\": \"1019200\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\", \"x_transferred\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\", \"name\": \"oval:org.mitre.oval:def:5546\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\", \"x_transferred\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\", \"name\": \"microsoft-excel-unspecified-code-execution(39699)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\", \"x_transferred\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\", \"name\": \"TA08-071A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\", \"x_transferred\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/947563.mspx\", \"name\": \"947563\", \"tags\": [\"vendor-advisory\", \"x_refsource_MSKB\", \"x_transferred\"]}, {\"url\": \"http://www.securityfocus.com/bid/27305\", \"name\": \"27305\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\", \"x_transferred\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\", \"name\": \"MS08-014\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"SSRT080028\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"HPSBST02320\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0146\", \"name\": \"ADV-2008-0146\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0846/references\", \"name\": \"ADV-2008-0846\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\", \"x_transferred\"]}, {\"url\": \"http://secunia.com/advisories/28506\", \"name\": \"28506\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\", \"x_transferred\"]}], \"providerMetadata\": {\"orgId\": \"af854a3a-2127-422b-91ae-364da2661108\", \"shortName\": \"CVE\", \"dateUpdated\": \"2024-08-07T07:32:24.157Z\"}}, {\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"cvssV3_1\": {\"scope\": \"UNCHANGED\", \"version\": \"3.1\", \"baseScore\": 9.8, \"attackVector\": \"NETWORK\", \"baseSeverity\": \"CRITICAL\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"integrityImpact\": \"HIGH\", \"userInteraction\": \"NONE\", \"attackComplexity\": \"LOW\", \"availabilityImpact\": \"HIGH\", \"privilegesRequired\": \"NONE\", \"confidentialityImpact\": \"HIGH\"}}, {\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2008-0081\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"yes\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2024-02-09T18:08:19.346727Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-908\", \"description\": \"CWE-908 Use of Uninitialized Resource\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-01-17T15:12:06.994Z\"}}], \"cna\": {\"affected\": [{\"vendor\": \"n/a\", \"product\": \"n/a\", \"versions\": [{\"status\": \"affected\", \"version\": \"n/a\"}]}], \"datePublic\": \"2008-01-15T00:00:00\", \"references\": [{\"url\": \"http://securitytracker.com/id?1019200\", \"name\": \"1019200\", \"tags\": [\"vdb-entry\", \"x_refsource_SECTRACK\"]}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\", \"name\": \"oval:org.mitre.oval:def:5546\", \"tags\": [\"vdb-entry\", \"signature\", \"x_refsource_OVAL\"]}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\", \"name\": \"microsoft-excel-unspecified-code-execution(39699)\", \"tags\": [\"vdb-entry\", \"x_refsource_XF\"]}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\", \"name\": \"TA08-071A\", \"tags\": [\"third-party-advisory\", \"x_refsource_CERT\"]}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/947563.mspx\", \"name\": \"947563\", \"tags\": [\"vendor-advisory\", \"x_refsource_MSKB\"]}, {\"url\": \"http://www.securityfocus.com/bid/27305\", \"name\": \"27305\", \"tags\": [\"vdb-entry\", \"x_refsource_BID\"]}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\", \"name\": \"MS08-014\", \"tags\": [\"vendor-advisory\", \"x_refsource_MS\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"SSRT080028\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"HPSBST02320\", \"tags\": [\"vendor-advisory\", \"x_refsource_HP\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0146\", \"name\": \"ADV-2008-0146\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0846/references\", \"name\": \"ADV-2008-0846\", \"tags\": [\"vdb-entry\", \"x_refsource_VUPEN\"]}, {\"url\": \"http://secunia.com/advisories/28506\", \"name\": \"28506\", \"tags\": [\"third-party-advisory\", \"x_refsource_SECUNIA\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \\\"Macro Validation Vulnerability,\\\" a different vulnerability than CVE-2007-3490.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"text\", \"description\": \"n/a\"}]}], \"providerMetadata\": {\"orgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"shortName\": \"microsoft\", \"dateUpdated\": \"2018-10-12T19:57:01\"}, \"x_legacyV4Record\": {\"affects\": {\"vendor\": {\"vendor_data\": [{\"product\": {\"product_data\": [{\"version\": {\"version_data\": [{\"version_value\": \"n/a\"}]}, \"product_name\": \"n/a\"}]}, \"vendor_name\": \"n/a\"}]}}, \"data_type\": \"CVE\", \"references\": {\"reference_data\": [{\"url\": \"http://securitytracker.com/id?1019200\", \"name\": \"1019200\", \"refsource\": \"SECTRACK\"}, {\"url\": \"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546\", \"name\": \"oval:org.mitre.oval:def:5546\", \"refsource\": \"OVAL\"}, {\"url\": \"https://exchange.xforce.ibmcloud.com/vulnerabilities/39699\", \"name\": \"microsoft-excel-unspecified-code-execution(39699)\", \"refsource\": \"XF\"}, {\"url\": \"http://www.us-cert.gov/cas/techalerts/TA08-071A.html\", \"name\": \"TA08-071A\", \"refsource\": \"CERT\"}, {\"url\": \"http://www.microsoft.com/technet/security/advisory/947563.mspx\", \"name\": \"947563\", \"refsource\": \"MSKB\"}, {\"url\": \"http://www.securityfocus.com/bid/27305\", \"name\": \"27305\", \"refsource\": \"BID\"}, {\"url\": \"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014\", \"name\": \"MS08-014\", \"refsource\": \"MS\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"SSRT080028\", \"refsource\": \"HP\"}, {\"url\": \"http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2\", \"name\": \"HPSBST02320\", \"refsource\": \"HP\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0146\", \"name\": \"ADV-2008-0146\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://www.vupen.com/english/advisories/2008/0846/references\", \"name\": \"ADV-2008-0846\", \"refsource\": \"VUPEN\"}, {\"url\": \"http://secunia.com/advisories/28506\", \"name\": \"28506\", \"refsource\": \"SECUNIA\"}]}, \"data_format\": \"MITRE\", \"description\": {\"description_data\": [{\"lang\": \"eng\", \"value\": \"Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \\\"Macro Validation Vulnerability,\\\" a different vulnerability than CVE-2007-3490.\"}]}, \"problemtype\": {\"problemtype_data\": [{\"description\": [{\"lang\": \"eng\", \"value\": \"n/a\"}]}]}, \"data_version\": \"4.0\", \"CVE_data_meta\": {\"ID\": \"CVE-2008-0081\", \"STATE\": \"PUBLIC\", \"ASSIGNER\": \"secure@microsoft.com\"}}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2008-0081\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-01-17T15:12:25.745Z\", \"dateReserved\": \"2008-01-03T00:00:00\", \"assignerOrgId\": \"f38d906d-7342-40ea-92c1-6c4a2c6478c8\", \"datePublished\": \"2008-01-16T22:00:00\", \"assignerShortName\": \"microsoft\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}

ghsa-h6j8-g36h-j99v

Vulnerability from github

Published

2022-05-01 23:27

Modified

2024-02-09 00:31

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Details

Show details on source website

JSON

To clipboard

{
  "affected": [],
  "aliases": [
    "CVE-2008-0081"
  ],
  "database_specific": {
    "cwe_ids": [
      "CWE-908"
    ],
    "github_reviewed": false,
    "github_reviewed_at": null,
    "nvd_published_at": "2008-01-16T23:00:00Z",
    "severity": "HIGH"
  },
  "details": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490.",
  "id": "GHSA-h6j8-g36h-j99v",
  "modified": "2024-02-09T00:31:33Z",
  "published": "2022-05-01T23:27:33Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://nvd.nist.gov/vuln/detail/CVE-2008-0081"
    },
    {
      "type": "WEB",
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
    },
    {
      "type": "WEB",
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
    },
    {
      "type": "WEB",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
    },
    {
      "type": "WEB",
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "type": "WEB",
      "url": "http://secunia.com/advisories/28506"
    },
    {
      "type": "WEB",
      "url": "http://securitytracker.com/id?1019200"
    },
    {
      "type": "WEB",
      "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
    },
    {
      "type": "WEB",
      "url": "http://www.securityfocus.com/bid/27305"
    },
    {
      "type": "WEB",
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0146"
    },
    {
      "type": "WEB",
      "url": "http://www.vupen.com/english/advisories/2008/0846/references"
    }
  ],
  "schema_version": "1.4.0",
  "severity": [
    {
      "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
      "type": "CVSS_V3"
    }
  ]
}

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. Microsoft Excel for, Excel There is a memory corruption vulnerability due to a flaw in the handling of file headers.crafted by a third party Excel The file may lead to arbitrary code execution. Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. There are multiple code execution vulnerabilities in the way of processing data when Excel imports files, the way of processing Style record data, the way of processing conditional format values, and the way of processing macros.

A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched.

NOTE: According to Microsoft, this is currently being actively exploited.

SOLUTION: Do not open untrusted Excel files. Please see the vendor's advisory for details.

PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day.

ORIGINAL ADVISORY: Microsoft (KB947563): http://www.microsoft.com/technet/security/advisory/947563.mspx

About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities.

Subscribe: http://secunia.com/secunia_security_advisories/

Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/

Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor.

Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

 National Cyber Alert System

Technical Cyber Security Alert TA08-071A

Microsoft Updates for Multiple Vulnerabilities

Original release date: March 11, 2008 Last revised: -- Source: US-CERT

Systems Affected

 * Microsoft Office
 * Microsoft Outlook
 * Microsoft Excel
 * Microsoft Excel Viewer
 * Microsoft Office for Mac
 * Microsoft Office Web Componenets

Overview

Microsoft has released updates that address vulnerabilities in Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components.

I. Description

Microsoft has released updates to address vulnerabilities that affect Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008. For more information, see the US-CERT Vulnerability Notes Database.

II.

III. Solution

Apply updates from Microsoft

Microsoft has provided updates for these vulnerabilities in the March 2008 security bulletin. The security bulletin describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS).

IV. References

US-CERT Vulnerability Notes for Microsoft March 2008 updates
http://www.kb.cert.org/vuls/byid?searchview&query=ms08-mar
Microsoft Security Bulletin Summary for March 2008
http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx
Microsoft Update - https://www.update.microsoft.com/microsoftupdate/
Windows Server Update Services - http://www.microsoft.com/windowsserversystem/updateservices/default.mspx

The most recent version of this document can be found at:

<http://www.us-cert.gov/cas/techalerts/TA08-071A.html>

Feedback can be directed to US-CERT Technical Staff. Please send email to cert@cert.org with "TA08-071A Feedback VU#393305" in the subject.

For instructions on subscribing to or unsubscribing from this mailing list, visit http://www.us-cert.gov/cas/signup.html.

Produced 2008 by US-CERT, a government organization.

<http://www.us-cert.gov/legal.html>

-----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux)

iQEVAwUBR9b0APRFkHkM87XOAQLTUwf9HHlM9vQfwMpmCv77RuJKdZgdn5bNTPQA HjsABoxmVZzE4XnArclHPyMivO8x/oel6UFvZgG/h2oGFarK7h1WpvCFQKE/cNO8 c5o0tRhxMx+ri7w7DnkhmhbWTLQ8coqKjzAioKoc2mboNz+PamQO22INjS3ktOyL dRA+qwxSsPN3Bi7NDS2DOdUeAA+VdMn0cQTDLHJ7ZPhzy7JOiVXwQwyO3CwNDeOl C6+FGSk8o1BsMjdP6kRaGnQkgivBi1ID4dcAQA8h0K2IGDPkCBIYiGTvj9pNnpwZ lrP6DdHyd2idzGEXr2R0VlTQPrhabs+YpZq+qzVh6f2tg+Lc9xBwHg== =aCnE -----END PGP SIGNATURE-----

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-200801-0023",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "excel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "excel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2002"
      },
      {
        "model": "excel",
        "scope": "eq",
        "trust": 1.9,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "excel viewer",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "office",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "microsoft",
        "version": "2004"
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "2007"
      },
      {
        "model": "microsoft excel viewer",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": null
      },
      {
        "model": "microsoft office \u4e92\u63db\u6a5f\u80fd\u30d1\u30c3\u30af",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": null
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "2003"
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "compatibility pack"
      },
      {
        "model": "microsoft excel",
        "scope": null,
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": null
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "xp"
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "2004 (mac_os)"
      },
      {
        "model": "microsoft office",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "\u30de\u30a4\u30af\u30ed\u30bd\u30d5\u30c8",
        "version": "2000"
      },
      {
        "model": "office xp sp3",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "office xp sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "office xp sp1",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "office xp",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "office for mac",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20040"
      },
      {
        "model": "office sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "office sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "office sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "office",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20030"
      },
      {
        "model": "office",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20020"
      },
      {
        "model": "office sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "office sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "office",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "internet explorer for unix sp2",
        "scope": null,
        "trust": 0.3,
        "vendor": "microsoft",
        "version": null
      },
      {
        "model": "excel viewer",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20030"
      },
      {
        "model": "excel for mac",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "20040"
      },
      {
        "model": "excel sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "excel sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "excel sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2003"
      },
      {
        "model": "excel sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2002"
      },
      {
        "model": "excel sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2002"
      },
      {
        "model": "excel sp1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2002"
      },
      {
        "model": "excel sr1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "excel sp3",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      },
      {
        "model": "excel sp2",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "microsoft",
        "version": "2000"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "27305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Bing LiuMoti JosephDan Hubbard",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      }
    ],
    "trust": 0.6
  },
  "cve": "CVE-2008-0081",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Medium",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Complete",
            "baseScore": 9.3,
            "confidentialityImpact": "Complete",
            "exploitabilityScore": null,
            "id": "CVE-2008-0081",
            "impactScore": null,
            "integrityImpact": "Complete",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
            "version": "2.0"
          },
          {
            "accessComplexity": "MEDIUM",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "COMPLETE",
            "baseScore": 9.3,
            "confidentialityImpact": "COMPLETE",
            "exploitabilityScore": 8.6,
            "id": "VHN-30206",
            "impactScore": 10.0,
            "integrityImpact": "COMPLETE",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:M/AU:N/C:C/I:C/A:C",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2008-0081",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2008-0081",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-200801-246",
            "trust": 0.6,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-30206",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490. Microsoft Excel for, Excel There is a memory corruption vulnerability due to a flaw in the handling of file headers.crafted by a third party Excel The file may lead to arbitrary code execution. Microsoft Excel is prone to a remote code-execution vulnerability. \nAn attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. There are multiple code execution vulnerabilities in the way of processing data when Excel imports files, the way of processing Style record data, the way of processing conditional format values, and the way of processing macros. \n\n----------------------------------------------------------------------\n\nA new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI\nhas been released. The new version includes many new and advanced\nfeatures, which makes it even easier to stay patched. \n\nNOTE: According to Microsoft, this is currently being actively\nexploited. \n\nSOLUTION:\nDo not open untrusted Excel files. Please see the vendor\u0027s advisory for details. \n\nPROVIDED AND/OR DISCOVERED BY:\nDiscovered as a 0-day. \n\nORIGINAL ADVISORY:\nMicrosoft (KB947563):\nhttp://www.microsoft.com/technet/security/advisory/947563.mspx\n\n----------------------------------------------------------------------\n\nAbout:\nThis Advisory was delivered by Secunia as a free service to help\neverybody keeping their systems up to date against the latest\nvulnerabilities. \n\nSubscribe:\nhttp://secunia.com/secunia_security_advisories/\n\nDefinitions: (Criticality, Where etc.)\nhttp://secunia.com/about_secunia_advisories/\n\n\nPlease Note:\nSecunia recommends that you verify all advisories you receive by\nclicking the link. \nSecunia NEVER sends attached files with advisories. \nSecunia does not advise people to install third party patches, only\nuse those supplied by the vendor. \n\n----------------------------------------------------------------------\n\nUnsubscribe: Secunia Security Advisories\nhttp://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org\n\n----------------------------------------------------------------------\n\n\n. \n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n\n\t National Cyber Alert System\n\n   Technical Cyber Security Alert TA08-071A\n\nMicrosoft Updates for Multiple Vulnerabilities\n\n   Original release date: March 11, 2008\n   Last revised: --\n   Source: US-CERT\n\nSystems Affected\n\n     * Microsoft Office\n     * Microsoft Outlook\n     * Microsoft Excel\n     * Microsoft Excel Viewer\n     * Microsoft Office for Mac\n     * Microsoft Office Web Componenets\n\nOverview\n\n   Microsoft   has  released  updates  that  address  vulnerabilities  in\n   Microsoft  Office,  Outlook,  Excel, Excel Viewer, Office for Mac, and\n   Office Web Components. \n\nI. Description\n\n   Microsoft  has released updates to address vulnerabilities that affect\n   Microsoft  Office,  Outlook,  Excel, Excel Viewer, Office for Mac, and\n   Office  Web  Components  as  part  of  the Microsoft Security Bulletin\n   Summary  for March 2008. For more\n   information, see the US-CERT Vulnerability Notes Database. \n\nII. \n\nIII. Solution\n\nApply updates from Microsoft\n\n   Microsoft  has provided updates for these vulnerabilities in the March\n   2008  security  bulletin.  The  security  bulletin  describe any known\n   issues  related  to the updates. Administrators are encouraged to note\n   these   issues   and   test   for  any  potentially  adverse  effects. \n   Administrators  should consider using an automated update distribution\n   system such as Windows Server Update Services (WSUS). \n\nIV. References\n\n * US-CERT  Vulnerability  Notes  for  Microsoft March 2008 updates\n   - \u003chttp://www.kb.cert.org/vuls/byid?searchview\u0026query=ms08-mar\u003e\n\n * Microsoft Security Bulletin Summary for March 2008\n   - \u003chttp://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx\u003e\n\n * Microsoft Update - \u003chttps://www.update.microsoft.com/microsoftupdate/\u003e\n\n * Windows Server Update Services - \u003chttp://www.microsoft.com/windowsserversystem/updateservices/default.mspx\u003e\n\n _________________________________________________________________\n\n  The most recent version of this document can be found at:\n\n    \u003chttp://www.us-cert.gov/cas/techalerts/TA08-071A.html\u003e\n _________________________________________________________________\n\n  Feedback can be directed to US-CERT Technical Staff. Please send\n  email to \u003ccert@cert.org\u003e with \"TA08-071A Feedback VU#393305\" in the\n  subject. \n _________________________________________________________________\n\n  For instructions on subscribing to or unsubscribing from this\n  mailing list, visit \u003chttp://www.us-cert.gov/cas/signup.html\u003e. \n _________________________________________________________________\n\n  Produced 2008 by US-CERT, a government organization. \n\n  Terms of use:\n\n    \u003chttp://www.us-cert.gov/legal.html\u003e\n\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.2.1 (GNU/Linux)\n\niQEVAwUBR9b0APRFkHkM87XOAQLTUwf9HHlM9vQfwMpmCv77RuJKdZgdn5bNTPQA\nHjsABoxmVZzE4XnArclHPyMivO8x/oel6UFvZgG/h2oGFarK7h1WpvCFQKE/cNO8\nc5o0tRhxMx+ri7w7DnkhmhbWTLQ8coqKjzAioKoc2mboNz+PamQO22INjS3ktOyL\ndRA+qwxSsPN3Bi7NDS2DOdUeAA+VdMn0cQTDLHJ7ZPhzy7JOiVXwQwyO3CwNDeOl\nC6+FGSk8o1BsMjdP6kRaGnQkgivBi1ID4dcAQA8h0K2IGDPkCBIYiGTvj9pNnpwZ\nlrP6DdHyd2idzGEXr2R0VlTQPrhabs+YpZq+qzVh6f2tg+Lc9xBwHg==\n=aCnE\n-----END PGP SIGNATURE-----\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "BID",
        "id": "27305"
      },
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "db": "PACKETSTORM",
        "id": "62693"
      },
      {
        "db": "PACKETSTORM",
        "id": "64511"
      }
    ],
    "trust": 2.16
  },
  "exploit_availability": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/exploit_availability#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "reference": "https://www.scap.org.cn/vuln/vhn-30206",
        "trust": 0.1,
        "type": "unknown"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      }
    ]
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2008-0081",
        "trust": 3.6
      },
      {
        "db": "BID",
        "id": "27305",
        "trust": 2.8
      },
      {
        "db": "USCERT",
        "id": "TA08-071A",
        "trust": 2.6
      },
      {
        "db": "SECUNIA",
        "id": "28506",
        "trust": 2.6
      },
      {
        "db": "SECTRACK",
        "id": "1019200",
        "trust": 2.5
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-0846",
        "trust": 1.7
      },
      {
        "db": "VUPEN",
        "id": "ADV-2008-0146",
        "trust": 1.7
      },
      {
        "db": "XF",
        "id": "39699",
        "trust": 1.4
      },
      {
        "db": "USCERT",
        "id": "SA08-071A",
        "trust": 0.8
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031",
        "trust": 0.8
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246",
        "trust": 0.7
      },
      {
        "db": "MS",
        "id": "MS08-014",
        "trust": 0.6
      },
      {
        "db": "CERT/CC",
        "id": "TA08-071A",
        "trust": 0.6
      },
      {
        "db": "HP",
        "id": "SSRT080028",
        "trust": 0.6
      },
      {
        "db": "EXPLOIT-DB",
        "id": "5287",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-30206",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "62693",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "64511",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "db": "BID",
        "id": "27305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "PACKETSTORM",
        "id": "62693"
      },
      {
        "db": "PACKETSTORM",
        "id": "64511"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "id": "VAR-200801-0023",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-02-29T22:55:27.112000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "MS08-014e Fujitsu Fujitsu \u00a0 Public vulnerability information",
        "trust": 0.8,
        "url": "http://support.microsoft.com/?scid=kb%3ben-us%3b949029\u0026x=19\u0026y=10"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-908",
        "trust": 1.0
      },
      {
        "problemtype": "Use of uninitialized resources (CWE-908) [NVD evaluation ]",
        "trust": 0.8
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 2.5,
        "url": "http://www.securityfocus.com/bid/27305"
      },
      {
        "trust": 2.5,
        "url": "http://www.us-cert.gov/cas/techalerts/ta08-071a.html"
      },
      {
        "trust": 2.5,
        "url": "http://securitytracker.com/id?1019200"
      },
      {
        "trust": 2.5,
        "url": "http://secunia.com/advisories/28506"
      },
      {
        "trust": 2.1,
        "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
      },
      {
        "trust": 1.6,
        "url": "http://www.symantec.com/security_response/writeup.jsp?docid=2008-030516-1836-99"
      },
      {
        "trust": 1.6,
        "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
      },
      {
        "trust": 1.4,
        "url": "http://xforce.iss.net/xforce/xfdb/39699"
      },
      {
        "trust": 1.4,
        "url": "http://www.frsirt.com/english/advisories/2008/0146"
      },
      {
        "trust": 1.1,
        "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
      },
      {
        "trust": 1.1,
        "url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5546"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/0146"
      },
      {
        "trust": 1.1,
        "url": "http://www.vupen.com/english/advisories/2008/0846/references"
      },
      {
        "trust": 1.1,
        "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
      },
      {
        "trust": 0.9,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/cert/jvnta08-071a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://jvn.jp/tr/trta08-071a/index.html"
      },
      {
        "trust": 0.8,
        "url": "http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0081"
      },
      {
        "trust": 0.8,
        "url": "http://www.jpcert.or.jp/at/2008/at080004.txt"
      },
      {
        "trust": 0.8,
        "url": "http://www.cyberpolice.go.jp/important/2008/20080421_160353.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.us-cert.gov/cas/alerts/sa08-071a.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.ipa.go.jp/security/ciadr/vul/20080312-ms08-014.html"
      },
      {
        "trust": 0.8,
        "url": "http://www.iss.net/threats/288.html"
      },
      {
        "trust": 0.8,
        "url": "http://isc.sans.org/diary.html?storyid=4117"
      },
      {
        "trust": 0.8,
        "url": "http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=troj%5fmdrop%2eah"
      },
      {
        "trust": 0.6,
        "url": "http://www.frsirt.com/english/advisories/2008/0846/references"
      },
      {
        "trust": 0.6,
        "url": "http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5546"
      },
      {
        "trust": 0.3,
        "url": "http://office.microsoft.com/excel"
      },
      {
        "trust": 0.3,
        "url": "http://support.microsoft.com/kb/935865"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/swi/archive/2008/03/11/the-case-of-the-uninitialized-stack-variable-vulnerability.aspx"
      },
      {
        "trust": 0.3,
        "url": "http://blogs.technet.com/msrc/archive/2008/01/15/msrc-blog-security-advisory-947563.aspx"
      },
      {
        "trust": 0.1,
        "url": "http://marc.info/?l=bugtraq\u0026amp;m=120585858807305\u0026amp;w=2"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/secunia_security_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2276/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2275/"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/?page=changelog"
      },
      {
        "trust": 0.1,
        "url": "https://psi.secunia.com/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/advisories/28506/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4043/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/3054/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/24/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/7700/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/4970/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2278/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/2277/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/about_secunia_advisories/"
      },
      {
        "trust": 0.1,
        "url": "http://secunia.com/product/8713/"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/signup.html\u003e."
      },
      {
        "trust": 0.1,
        "url": "http://www.kb.cert.org/vuls/byid?searchview\u0026query=ms08-mar\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/windowsserversystem/updateservices/default.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/cas/techalerts/ta08-071a.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx\u003e"
      },
      {
        "trust": 0.1,
        "url": "http://www.us-cert.gov/legal.html\u003e"
      },
      {
        "trust": 0.1,
        "url": "https://www.update.microsoft.com/microsoftupdate/\u003e"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "db": "BID",
        "id": "27305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "PACKETSTORM",
        "id": "62693"
      },
      {
        "db": "PACKETSTORM",
        "id": "64511"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "db": "BID",
        "id": "27305"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "db": "PACKETSTORM",
        "id": "62693"
      },
      {
        "db": "PACKETSTORM",
        "id": "64511"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2008-01-16T00:00:00",
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "date": "2008-01-15T00:00:00",
        "db": "BID",
        "id": "27305"
      },
      {
        "date": "2008-01-30T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "date": "2008-01-17T04:45:41",
        "db": "PACKETSTORM",
        "id": "62693"
      },
      {
        "date": "2008-03-13T04:19:58",
        "db": "PACKETSTORM",
        "id": "64511"
      },
      {
        "date": "2008-01-16T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "date": "2008-01-16T23:00:00",
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-10-12T00:00:00",
        "db": "VULHUB",
        "id": "VHN-30206"
      },
      {
        "date": "2008-04-08T22:18:00",
        "db": "BID",
        "id": "27305"
      },
      {
        "date": "2024-02-29T02:58:00",
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      },
      {
        "date": "2008-09-05T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      },
      {
        "date": "2024-02-08T23:42:31.667000",
        "db": "NVD",
        "id": "CVE-2008-0081"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "64511"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Microsoft\u00a0Excel\u00a0 memory corruption vulnerability in",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2008-001031"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "design error",
    "sources": [
      {
        "db": "CNNVD",
        "id": "CNNVD-200801-246"
      }
    ],
    "trust": 0.6
  }
}

fkie_cve-2008-0081

Vulnerability from fkie_nvd

Published

2008-01-16 23:00

Modified

2025-01-17 16:15

Severity ?

9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
9.8 (Critical) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Summary

References

URL	Tags
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
secure@microsoft.com	http://secunia.com/advisories/28506	Broken Link, Vendor Advisory
secure@microsoft.com	http://securitytracker.com/id?1019200	Broken Link, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.microsoft.com/technet/security/advisory/947563.mspx	Broken Link, Patch, Vendor Advisory
secure@microsoft.com	http://www.securityfocus.com/bid/27305	Broken Link, Patch, Third Party Advisory, VDB Entry
secure@microsoft.com	http://www.us-cert.gov/cas/techalerts/TA08-071A.html	Broken Link, Third Party Advisory, US Government Resource
secure@microsoft.com	http://www.vupen.com/english/advisories/2008/0146	Broken Link, Vendor Advisory
secure@microsoft.com	http://www.vupen.com/english/advisories/2008/0846/references	Broken Link, Vendor Advisory
secure@microsoft.com	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014	Patch, Vendor Advisory
secure@microsoft.com	https://exchange.xforce.ibmcloud.com/vulnerabilities/39699	Third Party Advisory, VDB Entry
secure@microsoft.com	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546	Broken Link
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://marc.info/?l=bugtraq&m=120585858807305&w=2	Mailing List
af854a3a-2127-422b-91ae-364da2661108	http://secunia.com/advisories/28506	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://securitytracker.com/id?1019200	Broken Link, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.microsoft.com/technet/security/advisory/947563.mspx	Broken Link, Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.securityfocus.com/bid/27305	Broken Link, Patch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	http://www.us-cert.gov/cas/techalerts/TA08-071A.html	Broken Link, Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0146	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	http://www.vupen.com/english/advisories/2008/0846/references	Broken Link, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014	Patch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108	https://exchange.xforce.ibmcloud.com/vulnerabilities/39699	Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108	https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546	Broken Link

Impacted products

Vendor	Product	Version
microsoft	excel	2000
microsoft	excel	2002
microsoft	excel	2003
microsoft	excel_viewer	2003
microsoft	office	2004

JSON

To clipboard

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "439B26BA-376C-4D6B-B7BA-B66B8BDA8E37",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
              "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*",
              "matchCriteriaId": "A07483B7-E30C-43F3-B54B-2864BE9AD704",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
              "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*",
              "matchCriteriaId": "0B191155-67F2-4C6E-BD0C-AF5AF6F04BA1",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490."
    },
    {
      "lang": "es",
      "value": "Una vulnerabilidad no especificada en Microsoft Excel 2000 SP3 hasta 2003 SP2, Viewer 2003 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de macros dise\u00f1adas, tambi\u00e9n se conoce como \"VMacro Validation Vulnerability,\" una vulnerabilidad diferente de CVE-2007-3490."
    }
  ],
  "id": "CVE-2008-0081",
  "lastModified": "2025-01-17T16:15:24.647",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "HIGH",
        "cvssData": {
          "accessComplexity": "MEDIUM",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "COMPLETE",
          "baseScore": 9.3,
          "confidentialityImpact": "COMPLETE",
          "integrityImpact": "COMPLETE",
          "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
          "version": "2.0"
        },
        "exploitabilityScore": 8.6,
        "impactScore": 10.0,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 9.8,
          "baseSeverity": "CRITICAL",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 5.9,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2008-01-16T23:00:00.000",
  "references": [
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28506"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1019200"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/27305"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0146"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0846/references"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
    },
    {
      "source": "secure@microsoft.com",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List"
      ],
      "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://secunia.com/advisories/28506"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://securitytracker.com/id?1019200"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Vendor Advisory"
      ],
      "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Patch",
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/27305"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0146"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link",
        "Vendor Advisory"
      ],
      "url": "http://www.vupen.com/english/advisories/2008/0846/references"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Vendor Advisory"
      ],
      "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
    }
  ],
  "sourceIdentifier": "secure@microsoft.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-908"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}

gsd-2008-0081

Vulnerability from gsd

Modified

2023-12-13 01:22

Details

Aliases

CVE-2008-0081

Aliases

CVE-2008-0081

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2008-0081",
    "description": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490.",
    "id": "GSD-2008-0081"
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2008-0081"
      ],
      "details": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490.",
      "id": "GSD-2008-0081",
      "modified": "2023-12-13T01:22:58.191677Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secure@microsoft.com",
        "ID": "CVE-2008-0081",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "1019200",
            "refsource": "SECTRACK",
            "url": "http://securitytracker.com/id?1019200"
          },
          {
            "name": "oval:org.mitre.oval:def:5546",
            "refsource": "OVAL",
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
          },
          {
            "name": "microsoft-excel-unspecified-code-execution(39699)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
          },
          {
            "name": "TA08-071A",
            "refsource": "CERT",
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
          },
          {
            "name": "947563",
            "refsource": "MSKB",
            "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
          },
          {
            "name": "27305",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/27305"
          },
          {
            "name": "MS08-014",
            "refsource": "MS",
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
          },
          {
            "name": "SSRT080028",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
          },
          {
            "name": "HPSBST02320",
            "refsource": "HP",
            "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
          },
          {
            "name": "ADV-2008-0146",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0146"
          },
          {
            "name": "ADV-2008-0846",
            "refsource": "VUPEN",
            "url": "http://www.vupen.com/english/advisories/2008/0846/references"
          },
          {
            "name": "28506",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/28506"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "cve": {
        "configurations": [
          {
            "nodes": [
              {
                "cpeMatch": [
                  {
                    "criteria": "cpe:2.3:a:microsoft:excel:2000:sp3:*:*:*:*:*:*",
                    "matchCriteriaId": "439B26BA-376C-4D6B-B7BA-B66B8BDA8E37",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:excel:2002:sp3:*:*:*:*:*:*",
                    "matchCriteriaId": "896E23B1-AB34-43FF-96F3-BA6ED7F162AF",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:excel:2003:sp2:*:*:*:*:*:*",
                    "matchCriteriaId": "A07483B7-E30C-43F3-B54B-2864BE9AD704",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*",
                    "matchCriteriaId": "FDB0020C-A804-4003-B411-1AC7A6E7193E",
                    "vulnerable": true
                  },
                  {
                    "criteria": "cpe:2.3:a:microsoft:office:2004:*:*:*:*:macos:*:*",
                    "matchCriteriaId": "0B191155-67F2-4C6E-BD0C-AF5AF6F04BA1",
                    "vulnerable": true
                  }
                ],
                "negate": false,
                "operator": "OR"
              }
            ]
          }
        ],
        "descriptions": [
          {
            "lang": "en",
            "value": "Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka \"Macro Validation Vulnerability,\" a different vulnerability than CVE-2007-3490."
          },
          {
            "lang": "es",
            "value": "Una vulnerabilidad no especificada en Microsoft Excel 2000 SP3 hasta 2003 SP2, Viewer 2003 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar c\u00f3digo arbitrario por medio de macros dise\u00f1adas, tambi\u00e9n se conoce como \"VMacro Validation Vulnerability,\" una vulnerabilidad diferente de CVE-2007-3490."
          }
        ],
        "id": "CVE-2008-0081",
        "lastModified": "2024-02-08T23:42:31.667",
        "metrics": {
          "cvssMetricV2": [
            {
              "acInsufInfo": false,
              "baseSeverity": "HIGH",
              "cvssData": {
                "accessComplexity": "MEDIUM",
                "accessVector": "NETWORK",
                "authentication": "NONE",
                "availabilityImpact": "COMPLETE",
                "baseScore": 9.3,
                "confidentialityImpact": "COMPLETE",
                "integrityImpact": "COMPLETE",
                "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
                "version": "2.0"
              },
              "exploitabilityScore": 8.6,
              "impactScore": 10.0,
              "obtainAllPrivilege": false,
              "obtainOtherPrivilege": false,
              "obtainUserPrivilege": false,
              "source": "nvd@nist.gov",
              "type": "Primary",
              "userInteractionRequired": false
            }
          ],
          "cvssMetricV31": [
            {
              "cvssData": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.1"
              },
              "exploitabilityScore": 3.9,
              "impactScore": 5.9,
              "source": "nvd@nist.gov",
              "type": "Primary"
            }
          ]
        },
        "published": "2008-01-16T23:00:00.000",
        "references": [
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Mailing List"
            ],
            "url": "http://marc.info/?l=bugtraq\u0026m=120585858807305\u0026w=2"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://secunia.com/advisories/28506"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://securitytracker.com/id?1019200"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Patch",
              "Vendor Advisory"
            ],
            "url": "http://www.microsoft.com/technet/security/advisory/947563.mspx"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Patch",
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "http://www.securityfocus.com/bid/27305"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Third Party Advisory",
              "US Government Resource"
            ],
            "url": "http://www.us-cert.gov/cas/techalerts/TA08-071A.html"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0146"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link",
              "Vendor Advisory"
            ],
            "url": "http://www.vupen.com/english/advisories/2008/0846/references"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Patch",
              "Vendor Advisory"
            ],
            "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Third Party Advisory",
              "VDB Entry"
            ],
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/39699"
          },
          {
            "source": "secure@microsoft.com",
            "tags": [
              "Broken Link"
            ],
            "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5546"
          }
        ],
        "sourceIdentifier": "secure@microsoft.com",
        "vulnStatus": "Analyzed",
        "weaknesses": [
          {
            "description": [
              {
                "lang": "en",
                "value": "CWE-908"
              }
            ],
            "source": "nvd@nist.gov",
            "type": "Primary"
          }
        ]
      }
    }
  }
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
Confirmed: The vulnerability is confirmed from an analyst perspective.
Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
Patched: This vulnerability was successfully patched by the user reporting the sighting.
Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
Not confirmed: The user expresses doubt about the veracity of the vulnerability.
Not patched: This vulnerability was not successfully patched by the user reporting the sighting.

Action not permitted

cve-2008-0081

Vulnerability from cvelistv5

ghsa-h6j8-g36h-j99v

Vulnerability from github

var-200801-0023

Vulnerability from variot

fkie_cve-2008-0081

Vulnerability from fkie_nvd

gsd-2008-0081

Vulnerability from gsd

Tags

Sightings

Nomenclature