|
|
|||
| Rule General Information |
|---|
| Release Date: | 2019-05-28 | |
| Rule Name: | Microsoft Excel FORMAT Record Array Index Memory Corruption Vulnerability (CVE-2008-3005) | |
| Severity: | ||
| CVE ID: | ||
| Rule Protection Details |
|---|
| Description: | Array index vulnerability in Microsoft Office Excel 2000 SP3 and 2002 SP3, and Office 2004 and 2008 for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted array index for a FORMAT record, aka the "Excel Index Array Vulnerability." | |
| Impact: | An attacker can execute arbitrary code in the context of the vulnerable system. Failed exploit may cause denial-of-service attack. | |
| Affected OS: | Windows, Linux, FreeBSD, Solaris, Other Unix, Network Device, Mac OS, iOS, Android, Others | |
| Reference: | SecurityFocusBID:30639 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-043 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=741 http://marc.info/?l=bugtraq&m=121915960406986&w=2 |
|
| Solutions |
|---|
| The vendors have released upgrade patches to fix vulnerabilities, please visit: http://www.microsoft.com/technet/security/bulletin/ms08-043.mspx |