CVE-2008-3004: CVE-2008-3004

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2008-3004

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Indexing Validation Vulnerability."

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

Microsfot Excel 索引验证远程代码执行漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

Excel是Microsoft Office办公软件套件中的电子表格工具。多个版本的Excel( 2000 SP3/2002 SP3/2003 SP2及SP3/Office Excel Viewer 2003/Office 2004及2008 for Mac)存在代码执行漏洞。上述版本软件在将Excel文件加载到内存时，没有正确地验证电子表格内嵌图表中的AxesSet记录。如果XLS文件中包含有越界的数组值的话，则用户打开该文件就可能触发内存破坏，导致执行任意指令。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2008-3004

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2008-3004

Please Login to view more intelligence information

http://www.securityfocus.com/bid/30638vdb-entryx_refsource_BID
http://secunia.com/advisories/31454third-party-advisoryx_refsource_SECUNIA
http://www.securitytracker.com/id?1020670vdb-entryx_refsource_SECTRACK
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-043vendor-advisoryx_refsource_MS
http://marc.info/?l=bugtraq&m=121915960406986&w=2vendor-advisoryx_refsource_HP
http://www.vupen.com/english/advisories/2008/2347vdb-entryx_refsource_VUPEN
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5885vdb-entrysignaturex_refsource_OVAL
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=740third-party-advisoryx_refsource_IDEFENSE
https://nvd.nist.gov/vuln/detail/CVE-2008-3004

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2008-3004

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2008-3004

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2008-3004

III. Intelligence Information for CVE-2008-3004

IV. Related Vulnerabilities

V. Comments for CVE-2008-3004

Leave a comment