CVE-2008-1455

CWE-3993 documents3 sources

Severity

6.8MEDIUM

EPSS

63.8%

top 1.58%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Microsoft Compatibility Pack Word Excel Powerpoint Microsoft Office Microsoft Office Powerpoint Viewer

Timeline

PublishedAug 13

Latest updateMay 1

Description

A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 through SP1; and Office 2004 for Mac allows remote attackers to execute arbitrary code via a PowerPoint file with crafted list values that trigger memory corruption, aka "Parsing Overflow Vulnerability."

CVSS vector

AV:N/AC:M/C:P/I:P/A:PExploitability: 8.6 | Impact: 6.4

Affected Packages3 packages

▶NVDmicrosoft/compatibility_pack_word_excel_powerpoint2007

▶NVDmicrosoft/office_powerpoint_viewer2003

▶NVDmicrosoft/office5 versions+4

🔴Vulnerability Details

GHSA

GHSA-5ch3-cq34-9r3g: A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Ex↗2022-05-01

▶

CVEList

CVE-2008-1455: A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Ex↗2008-08-13

▶