Secunia
Login
|
|
CVE Reference: CVE-2008-2463 |
|
| NOTE: The text on this page is written by CVE MITRE and reflects neither the opinions of Secunia or the results of our research. All data on this page is written and maintained by CVE MITRE. | |
|
Original Page at CVE MITRE: CVE-2008-2463 |
|
|
Description: The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder. |
|
|
CVE Status: Candidate |
|
|
References: XF http://xforce.iss.net/xforce/xfdb/43613 ST 1020433 SAID Secunia Advisory: SA30883 OVAL http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:6120 MILW0RM http://www.milw0rm.com/exploits/6124 HP http://marc.info/?l=bugtraq&m=121915960406986&w=2 EXPLOIT-DB http://www.exploit-db.com/exploits/6124 CONFIRM http://www.microsoft.com/technet/security/advisory/955179.mspx CERT-VN 837785 CERT http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.us-cert.gov/cas/techalerts/TA08-189A.html BID 30114 |
|
| Return to the previous page. |
