CVE-2008-3018 in Officeinfo

Summary

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008-3021.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Reservation

07/07/2008

Disclosure

08/12/2008

Moderation

VulDB entry created

Entries

VDB-3796 (2)

CPE

ready

CWE

CWE-94 (Confirmed)

CVSS

7.3

EPSS

0.50102

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3018
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3018
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3018/

◂ Previous Overview Next ▸

Interested in the pricing of exploits?

See the underground prices here!