CVE-2008-0118
Published 2008-03-11
Priority: P258, critical, 9.3 (CVSS 2.0)
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
EXPLOIT
EPSS: 34.84% (98.2th percentile)
Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability."
Affected
4 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
Detection & IOCs (extracted from sources)
- Exploit is delivered via a crafted .PPT file triggering a buffer overflow; monitor for suspicious Office document opens (especially .PPT/.PPT-family files) from untrusted sources on unpatched Office XP SP3 systems.
- The vulnerability triggers memory corruption from an allocation error in Office document parsing; alert on Office processes spawning unexpected child processes (e.g., calc.exe or shells) as a post-exploitation indicator.
- Attacker entices victim to open a malicious Office file; because the delivery vector is user-assisted, consider email/web attachment inspection for malformed Office documents targeting affected versions (Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003, Office 2004 for Mac).
- Exploit PoC targets Office XP SP3 only with patches prior to 03/11/08; effectiveness against other affected versions (Office 2000 SP3, 2003 SP2, Excel Viewer 2003, Office 2004 for Mac) is not confirmed by the PoC author.
No detection rules found.
Exploit-DB
Microsoft Office XP SP3 - '.PPT' File Buffer Overflow (MS08-016)
exploitdb·2008-03-30
---
Runs calc.exe on Office XP SP3 with updates < 03/11/08.
Just for fun...
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31361.tgz (2008-ms08-016.tgz)
# milw0rm.com [2008-03-30]
Exploit-DB
Microsoft Office 2000/2003/2004/XP - File Memory Corruption
exploitdb·2008-03-07
---
source: https://www.securityfocus.com/bid/28146/info
Microsoft Office is prone to a remote memory-corruption vulnerability.
An attacker could exploit this issue by enticing a victim to open a malicious Office file.
Successfully exploiting this issue would allow the attacker to execute arbitrary code in the context of the currently logged-in user.
https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31361.tgz
No writeups or analysis indexed.
- http://marc.info/?l=bugtraq&m=120585858807305&w=2
- http://secunia.com/advisories/29321
- http://www.securityfocus.com/bid/28146
- http://www.securitytracker.com/id?1019578
- http://www.us-cert.gov/cas/techalerts/TA08-071A.html
- http://www.vupen.com/english/advisories/2008/0848/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5190

Published: 2008-03-11