ID

VAR-200801-0023


CVE

CVE-2008-0081


TITLE

Microsoft Excel  memory corruption vulnerability in

Trust: 0.8

sources: JVNDB: JVNDB-2008-001031

DESCRIPTION

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. Microsoft Excel for, Excel There is a memory corruption vulnerability due to a flaw in the handling of file headers.crafted by a third party Excel The file may lead to arbitrary code execution. Microsoft Excel is prone to a remote code-execution vulnerability. An attacker may exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will likely result in denial-of-service conditions. There are multiple code execution vulnerabilities in the way of processing data when Excel imports files, the way of processing Style record data, the way of processing conditional format values, and the way of processing macros. ---------------------------------------------------------------------- A new version (0.9.0.0 - Release Candidate 1) of the free Secunia PSI has been released. The new version includes many new and advanced features, which makes it even easier to stay patched. NOTE: According to Microsoft, this is currently being actively exploited. SOLUTION: Do not open untrusted Excel files. Please see the vendor's advisory for details. PROVIDED AND/OR DISCOVERED BY: Discovered as a 0-day. ORIGINAL ADVISORY: Microsoft (KB947563): http://www.microsoft.com/technet/security/advisory/947563.mspx ---------------------------------------------------------------------- About: This Advisory was delivered by Secunia as a free service to help everybody keeping their systems up to date against the latest vulnerabilities. Subscribe: http://secunia.com/secunia_security_advisories/ Definitions: (Criticality, Where etc.) http://secunia.com/about_secunia_advisories/ Please Note: Secunia recommends that you verify all advisories you receive by clicking the link. Secunia NEVER sends attached files with advisories. Secunia does not advise people to install third party patches, only use those supplied by the vendor. ---------------------------------------------------------------------- Unsubscribe: Secunia Security Advisories http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org ---------------------------------------------------------------------- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 National Cyber Alert System Technical Cyber Security Alert TA08-071A Microsoft Updates for Multiple Vulnerabilities Original release date: March 11, 2008 Last revised: -- Source: US-CERT Systems Affected * Microsoft Office * Microsoft Outlook * Microsoft Excel * Microsoft Excel Viewer * Microsoft Office for Mac * Microsoft Office Web Componenets Overview Microsoft has released updates that address vulnerabilities in Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components. I. Description Microsoft has released updates to address vulnerabilities that affect Microsoft Office, Outlook, Excel, Excel Viewer, Office for Mac, and Office Web Components as part of the Microsoft Security Bulletin Summary for March 2008. For more information, see the US-CERT Vulnerability Notes Database. II. III. Solution Apply updates from Microsoft Microsoft has provided updates for these vulnerabilities in the March 2008 security bulletin. The security bulletin describe any known issues related to the updates. Administrators are encouraged to note these issues and test for any potentially adverse effects. Administrators should consider using an automated update distribution system such as Windows Server Update Services (WSUS). IV. References * US-CERT Vulnerability Notes for Microsoft March 2008 updates - <http://www.kb.cert.org/vuls/byid?searchview&query=ms08-mar> * Microsoft Security Bulletin Summary for March 2008 - <http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx> * Microsoft Update - <https://www.update.microsoft.com/microsoftupdate/> * Windows Server Update Services - <http://www.microsoft.com/windowsserversystem/updateservices/default.mspx> _________________________________________________________________ The most recent version of this document can be found at: <http://www.us-cert.gov/cas/techalerts/TA08-071A.html> _________________________________________________________________ Feedback can be directed to US-CERT Technical Staff. Please send email to <cert@cert.org> with "TA08-071A Feedback VU#393305" in the subject. _________________________________________________________________ For instructions on subscribing to or unsubscribing from this mailing list, visit <http://www.us-cert.gov/cas/signup.html>. _________________________________________________________________ Produced 2008 by US-CERT, a government organization. Terms of use: <http://www.us-cert.gov/legal.html> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iQEVAwUBR9b0APRFkHkM87XOAQLTUwf9HHlM9vQfwMpmCv77RuJKdZgdn5bNTPQA HjsABoxmVZzE4XnArclHPyMivO8x/oel6UFvZgG/h2oGFarK7h1WpvCFQKE/cNO8 c5o0tRhxMx+ri7w7DnkhmhbWTLQ8coqKjzAioKoc2mboNz+PamQO22INjS3ktOyL dRA+qwxSsPN3Bi7NDS2DOdUeAA+VdMn0cQTDLHJ7ZPhzy7JOiVXwQwyO3CwNDeOl C6+FGSk8o1BsMjdP6kRaGnQkgivBi1ID4dcAQA8h0K2IGDPkCBIYiGTvj9pNnpwZ lrP6DdHyd2idzGEXr2R0VlTQPrhabs+YpZq+qzVh6f2tg+Lc9xBwHg== =aCnE -----END PGP SIGNATURE-----

Trust: 2.16

sources: NVD: CVE-2008-0081 // JVNDB: JVNDB-2008-001031 // BID: 27305 // VULHUB: VHN-30206 // PACKETSTORM: 62693 // PACKETSTORM: 64511

AFFECTED PRODUCTS

vendor:microsoftmodel:excelscope:eqversion:2003

Trust: 1.9

vendor:microsoftmodel:excelscope:eqversion:2002

Trust: 1.9

vendor:microsoftmodel:excelscope:eqversion:2000

Trust: 1.9

vendor:microsoftmodel:excel viewerscope:eqversion:2003

Trust: 1.6

vendor:microsoftmodel:officescope:eqversion:2004

Trust: 1.6

vendor:マイクロソフトmodel:microsoft officescope:eqversion:2007

Trust: 0.8

vendor:マイクロソフトmodel:microsoft excel viewerscope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft office 互換機能パックscope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft officescope:eqversion:2003

Trust: 0.8

vendor:マイクロソフトmodel:microsoft officescope:eqversion:compatibility pack

Trust: 0.8

vendor:マイクロソフトmodel:microsoft excelscope: - version: -

Trust: 0.8

vendor:マイクロソフトmodel:microsoft officescope:eqversion:xp

Trust: 0.8

vendor:マイクロソフトmodel:microsoft officescope:eqversion:2004 (mac_os)

Trust: 0.8

vendor:マイクロソフトmodel:microsoft officescope:eqversion:2000

Trust: 0.8

vendor:microsoftmodel:office xp sp3scope: - version: -

Trust: 0.3

vendor:microsoftmodel:office xp sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:office xp sp1scope: - version: -

Trust: 0.3

vendor:microsoftmodel:office xpscope: - version: -

Trust: 0.3

vendor:microsoftmodel:office for macscope:eqversion:20040

Trust: 0.3

vendor:microsoftmodel:office sp3scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:office sp2scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:office sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:officescope:eqversion:20030

Trust: 0.3

vendor:microsoftmodel:officescope:eqversion:20020

Trust: 0.3

vendor:microsoftmodel:office sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:office sp1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:officescope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:internet explorer for unix sp2scope: - version: -

Trust: 0.3

vendor:microsoftmodel:excel viewerscope:eqversion:20030

Trust: 0.3

vendor:microsoftmodel:excel for macscope:eqversion:20040

Trust: 0.3

vendor:microsoftmodel:excel sp3scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:excel sp2scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:excel sp1scope:eqversion:2003

Trust: 0.3

vendor:microsoftmodel:excel sp3scope:eqversion:2002

Trust: 0.3

vendor:microsoftmodel:excel sp2scope:eqversion:2002

Trust: 0.3

vendor:microsoftmodel:excel sp1scope:eqversion:2002

Trust: 0.3

vendor:microsoftmodel:excel sr1scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:excel sp3scope:eqversion:2000

Trust: 0.3

vendor:microsoftmodel:excel sp2scope:eqversion:2000

Trust: 0.3

sources: BID: 27305 // JVNDB: JVNDB-2008-001031 // CNNVD: CNNVD-200801-246 // NVD: CVE-2008-0081

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2008-0081
value: CRITICAL

Trust: 1.0

NVD: CVE-2008-0081
value: CRITICAL

Trust: 0.8

CNNVD: CNNVD-200801-246
value: CRITICAL

Trust: 0.6

VULHUB: VHN-30206
value: HIGH

Trust: 0.1

nvd@nist.gov: CVE-2008-0081
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.8

VULHUB: VHN-30206
severity: HIGH
baseScore: 9.3
vectorString: AV:N/AC:M/AU:N/C:C/I:C/A:C
accessVector: NETWORK
accessComplexity: MEDIUM
authentication: NONE
confidentialityImpact: COMPLETE
integrityImpact: COMPLETE
availabilityImpact: COMPLETE
exploitabilityScore: 8.6
impactScore: 10.0
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2008-0081
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 3.9
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2008-0081
baseSeverity: CRITICAL
baseScore: 9.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-30206 // JVNDB: JVNDB-2008-001031 // CNNVD: CNNVD-200801-246 // NVD: CVE-2008-0081

PROBLEMTYPE DATA

problemtype:CWE-908

Trust: 1.0

problemtype:Use of uninitialized resources (CWE-908) [NVD evaluation ]

Trust: 0.8

sources: JVNDB: JVNDB-2008-001031 // NVD: CVE-2008-0081

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 64511 // CNNVD: CNNVD-200801-246

TYPE

design error

Trust: 0.6

sources: CNNVD: CNNVD-200801-246

EXPLOIT AVAILABILITY

sources: VULHUB: VHN-30206

PATCH

title:MS08-014e Fujitsu Fujitsu   Public vulnerability informationurl:http://support.microsoft.com/?scid=kb%3Ben-us%3B949029&x=19&y=10

Trust: 0.8

sources: JVNDB: JVNDB-2008-001031

EXTERNAL IDS

db:NVDid:CVE-2008-0081

Trust: 3.6

db:BIDid:27305

Trust: 2.8

db:USCERTid:TA08-071A

Trust: 2.6

db:SECUNIAid:28506

Trust: 2.6

db:SECTRACKid:1019200

Trust: 2.5

db:VUPENid:ADV-2008-0846

Trust: 1.7

db:VUPENid:ADV-2008-0146

Trust: 1.7

db:XFid:39699

Trust: 1.4

db:USCERTid:SA08-071A

Trust: 0.8

db:JVNDBid:JVNDB-2008-001031

Trust: 0.8

db:CNNVDid:CNNVD-200801-246

Trust: 0.7

db:MSid:MS08-014

Trust: 0.6

db:CERT/CCid:TA08-071A

Trust: 0.6

db:HPid:SSRT080028

Trust: 0.6

db:EXPLOIT-DBid:5287

Trust: 0.1

db:VULHUBid:VHN-30206

Trust: 0.1

db:PACKETSTORMid:62693

Trust: 0.1

db:PACKETSTORMid:64511

Trust: 0.1

sources: VULHUB: VHN-30206 // BID: 27305 // JVNDB: JVNDB-2008-001031 // PACKETSTORM: 62693 // PACKETSTORM: 64511 // CNNVD: CNNVD-200801-246 // NVD: CVE-2008-0081

REFERENCES

url:http://www.securityfocus.com/bid/27305

Trust: 2.5

url:http://www.us-cert.gov/cas/techalerts/ta08-071a.html

Trust: 2.5

url:http://securitytracker.com/id?1019200

Trust: 2.5

url:http://secunia.com/advisories/28506

Trust: 2.5

url:http://www.microsoft.com/technet/security/advisory/947563.mspx

Trust: 2.1

url:http://www.symantec.com/security_response/writeup.jsp?docid=2008-030516-1836-99

Trust: 1.6

url:http://marc.info/?l=bugtraq&m=120585858807305&w=2

Trust: 1.6

url:http://xforce.iss.net/xforce/xfdb/39699

Trust: 1.4

url:http://www.frsirt.com/english/advisories/2008/0146

Trust: 1.4

url:https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014

Trust: 1.1

url:https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a5546

Trust: 1.1

url:http://www.vupen.com/english/advisories/2008/0146

Trust: 1.1

url:http://www.vupen.com/english/advisories/2008/0846/references

Trust: 1.1

url:https://exchange.xforce.ibmcloud.com/vulnerabilities/39699

Trust: 1.1

url:http://www.microsoft.com/technet/security/bulletin/ms08-014.mspx

Trust: 0.9

url:http://jvn.jp/cert/jvnta08-071a/index.html

Trust: 0.8

url:http://jvn.jp/tr/trta08-071a/index.html

Trust: 0.8

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2008-0081

Trust: 0.8

url:http://www.jpcert.or.jp/at/2008/at080004.txt

Trust: 0.8

url:http://www.cyberpolice.go.jp/important/2008/20080421_160353.html

Trust: 0.8

url:http://www.us-cert.gov/cas/alerts/sa08-071a.html

Trust: 0.8

url:http://www.ipa.go.jp/security/ciadr/vul/20080312-ms08-014.html

Trust: 0.8

url:http://www.iss.net/threats/288.html

Trust: 0.8

url:http://isc.sans.org/diary.html?storyid=4117

Trust: 0.8

url:http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?vname=troj%5fmdrop%2eah

Trust: 0.8

url:http://www.frsirt.com/english/advisories/2008/0846/references

Trust: 0.6

url:http://oval.mitre.org/repository/data/getdef?id=oval:org.mitre.oval:def:5546

Trust: 0.6

url:http://office.microsoft.com/excel

Trust: 0.3

url:http://support.microsoft.com/kb/935865

Trust: 0.3

url:http://blogs.technet.com/swi/archive/2008/03/11/the-case-of-the-uninitialized-stack-variable-vulnerability.aspx

Trust: 0.3

url:http://blogs.technet.com/msrc/archive/2008/01/15/msrc-blog-security-advisory-947563.aspx

Trust: 0.3

url:http://marc.info/?l=bugtraq&amp;m=120585858807305&amp;w=2

Trust: 0.1

url:http://secunia.com/secunia_security_advisories/

Trust: 0.1

url:http://secunia.com/product/2276/

Trust: 0.1

url:http://secunia.com/product/2275/

Trust: 0.1

url:https://psi.secunia.com/?page=changelog

Trust: 0.1

url:https://psi.secunia.com/

Trust: 0.1

url:http://secunia.com/advisories/28506/

Trust: 0.1

url:http://secunia.com/product/4043/

Trust: 0.1

url:http://secunia.com/product/3054/

Trust: 0.1

url:http://secunia.com/product/24/

Trust: 0.1

url:http://secunia.com/product/7700/

Trust: 0.1

url:http://secunia.com/product/4970/

Trust: 0.1

url:http://secunia.com/sec_adv_unsubscribe/?email=packet%40packetstormsecurity.org

Trust: 0.1

url:http://secunia.com/product/2278/

Trust: 0.1

url:http://secunia.com/product/2277/

Trust: 0.1

url:http://secunia.com/about_secunia_advisories/

Trust: 0.1

url:http://secunia.com/product/8713/

Trust: 0.1

url:http://www.us-cert.gov/cas/signup.html>.

Trust: 0.1

url:http://www.kb.cert.org/vuls/byid?searchview&query=ms08-mar>

Trust: 0.1

url:http://www.microsoft.com/windowsserversystem/updateservices/default.mspx>

Trust: 0.1

url:http://www.us-cert.gov/cas/techalerts/ta08-071a.html>

Trust: 0.1

url:http://www.microsoft.com/technet/security/bulletin/ms08-mar.mspx>

Trust: 0.1

url:http://www.us-cert.gov/legal.html>

Trust: 0.1

url:https://www.update.microsoft.com/microsoftupdate/>

Trust: 0.1

sources: VULHUB: VHN-30206 // BID: 27305 // JVNDB: JVNDB-2008-001031 // PACKETSTORM: 62693 // PACKETSTORM: 64511 // CNNVD: CNNVD-200801-246 // NVD: CVE-2008-0081

CREDITS

Bing LiuMoti JosephDan Hubbard

Trust: 0.6

sources: CNNVD: CNNVD-200801-246

SOURCES

db:VULHUBid:VHN-30206
db:BIDid:27305
db:JVNDBid:JVNDB-2008-001031
db:PACKETSTORMid:62693
db:PACKETSTORMid:64511
db:CNNVDid:CNNVD-200801-246
db:NVDid:CVE-2008-0081

LAST UPDATE DATE

2024-08-14T13:39:01.662000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-30206date:2018-10-12T00:00:00
db:BIDid:27305date:2008-04-08T22:18:00
db:JVNDBid:JVNDB-2008-001031date:2024-02-29T02:58:00
db:CNNVDid:CNNVD-200801-246date:2008-09-05T00:00:00
db:NVDid:CVE-2008-0081date:2024-02-08T23:42:31.667

SOURCES RELEASE DATE

db:VULHUBid:VHN-30206date:2008-01-16T00:00:00
db:BIDid:27305date:2008-01-15T00:00:00
db:JVNDBid:JVNDB-2008-001031date:2008-01-30T00:00:00
db:PACKETSTORMid:62693date:2008-01-17T04:45:41
db:PACKETSTORMid:64511date:2008-03-13T04:19:58
db:CNNVDid:CNNVD-200801-246date:2008-01-16T00:00:00
db:NVDid:CVE-2008-0081date:2008-01-16T23:00:00