CVE-2008-0104Code Injection in Microsoft Office

CWE-94Code Injection4 documents4 sources
Severity
9.3CRITICALNVD
EPSS
48.4%
top 2.25%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Microsoft Office
Timeline
PublishedFeb 12
Latest updateMay 1

Description

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

NVDmicrosoft/office2000, 2003, xp+2

🔴Vulnerability Details

1
GHSA
GHSA-9f63-4cgr-2gc5: Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted2022-05-01

🕵️Threat Intelligence

1
Fortinet
iSNS Server Memory Corruption Vulnerability in Microsoft Windows Server2017-03-23

💬Community

1
Bugzilla
CVE-2008-0416 Mozilla arbitrary code execution2008-02-06
CVE-2008-0104 — Code Injection in Microsoft Office | cvebase