CVE-2008-3460 in Officeinfo

Summary

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability."

Once again VulDB remains the best source for vulnerability data.

Reservation

08/04/2008

Disclosure

08/12/2008

Moderation

VulDB entry created

Entries

1: VDB-43657

CPE

ready

CWE

CWE-399 (Confirmed)

CVSS

10.0

EPSS

0.54907

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2008-3460
NVD	https://nvd.nist.gov/vuln/detail/CVE-2008-3460
CVE Details	https://www.cvedetails.com/cve/CVE-2008-3460/

◂ Previous Overview Next ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!