CVE-2008-0119

{"id": "CVE-2008-0119", "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 9.3, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "authentication": "NONE", "integrityImpact": "COMPLETE", "accessComplexity": "MEDIUM", "availabilityImpact": "COMPLETE", "confidentialityImpact": "COMPLETE"}, "acInsufInfo": false, "impactScore": 10.0, "baseSeverity": "HIGH", "obtainAllPrivilege": true, "exploitabilityScore": 8.6, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": true}]}, "published": "2008-05-13T22:20:00.000", "references": [{"url": "http://marc.info/?l=bugtraq&m=121129490723574&w=2", "source": "secure@microsoft.com"}, {"url": "http://secunia.com/advisories/30150", "tags": ["Vendor Advisory"], "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/archive/1/492073/100/0/threaded", "source": "secure@microsoft.com"}, {"url": "http://www.securityfocus.com/bid/29158", "source": "secure@microsoft.com"}, {"url": "http://www.securitytracker.com/id?1020015", "source": "secure@microsoft.com"}, {"url": "http://www.us-cert.gov/cas/techalerts/TA08-134A.html", "tags": ["US Government Resource"], "source": "secure@microsoft.com"}, {"url": "http://www.vupen.com/english/advisories/2008/1505/references", "source": "secure@microsoft.com"}, {"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-027", "source": "secure@microsoft.com"}, {"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5303", "source": "secure@microsoft.com"}], "vulnStatus": "Modified", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "CWE-94"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka \"Publisher Object Handler Validation Vulnerability.\""}, {"lang": "es", "value": "Vulnerabilidad sin especificar en Microsoft publisher en Office XP SP3, 2003 SP2 y SP3 y 2007 SP1 y anteriores, permite a atacantes remotos ejecutar c\u00f3digo de su elecci\u00f3n a trav\u00e9s de un fichero publisher con datos en el objeto de cabecera manipulados lo que provoca una corrupci\u00f3n de memoria, tambi\u00e9n conocido como \"Vulnerabilidad en la validaci\u00f3n del manejo del objeto\"\u00b7"}], "lastModified": "2018-10-15T21:57:59.297", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4891122F-AD7F-45E6-98C6-833227916F6B"}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "07D3F3E4-93FB-481A-94D9-075E726697C4"}, {"criteria": "cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E"}, {"criteria": "cpe:2.3:a:microsoft:office:2007:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "828219FA-E694-46DA-93B0-BE2EC5BBF61E"}, {"criteria": "cpe:2.3:a:microsoft:office:2007_sp1:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "4142D44F-26F2-467B-A7DE-00239C0013D4"}, {"criteria": "cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "79BA1175-7F02-4435-AEA6-1BA8AADEB7EF"}], "operator": "OR"}]}], "sourceIdentifier": "secure@microsoft.com"}