Vulnerability Description
Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office | 2000 |
Related Weaknesses (CWE)
References
- http://marc.info/?l=bugtraq&m=121129490723574&w=2
- http://secunia.com/advisories/30150Vendor Advisory
- http://www.securityfocus.com/archive/1/492073/100/0/threaded
- http://www.securityfocus.com/bid/29158
- http://www.securitytracker.com/id?1020015
- http://www.us-cert.gov/cas/techalerts/TA08-134A.htmlUS Government Resource
- http://www.vupen.com/english/advisories/2008/1505/references
- https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-02
- https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3
- http://marc.info/?l=bugtraq&m=121129490723574&w=2
- http://secunia.com/advisories/30150Vendor Advisory
- http://www.securityfocus.com/archive/1/492073/100/0/threaded
- http://www.securityfocus.com/bid/29158
- http://www.securitytracker.com/id?1020015
- http://www.us-cert.gov/cas/techalerts/TA08-134A.htmlUS Government Resource
FAQ
What is CVE-2008-0119?
CVE-2008-0119 is a vulnerability with a CVSS score of 9.3 (HIGH). Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with craft...
How severe is CVE-2008-0119?
CVE-2008-0119 has been rated HIGH with a CVSS base score of 9.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-0119?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office.