CVE-2008-0120 — Out-of-bounds Write in Microsoft Office Powerpoint Viewer

CWE-3993 documents3 sources

Severity

9.3CRITICALNVD

EPSS

68.6%

top 1.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Office Powerpoint Viewer

Timeline

PublishedAug 13

Latest updateMay 1

Description

Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture index that triggers memory corruption, related to handling of CString objects, aka "Memory Allocation Vulnerability."

CVSS vector

AV:N/AC:M/C:C/I:C/A:CExploitability: 8.6 | Impact: 10.0

Affected Packages1 packages

▶NVDmicrosoft/office_powerpoint_viewer2003

Patches

Patch: secunia.com ↗Patch: secunia.com ↗

🔴Vulnerability Details

GHSA

GHSA-82v2-59rq-5h73: Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture↗2022-05-01

▶

CVEList

CVE-2008-0120: Integer overflow in Microsoft PowerPoint Viewer 2003 allows remote attackers to execute arbitrary code via a PowerPoint file with a malformed picture↗2008-08-13

▶