CVE-2008-3007 Information
Description
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3 2003 SP2 and SP3 2007 Office System Gold and SP1 and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL aka \Uniform Resource Locator Validation Error Vulnerability.\
Reference
http://marc.info/?l=bugtraq&m=122235754013992&w=2 http://www.insomniasec.com/advisories/ISVA-080910.1.htm http://www.securityfocus.com/archive/1/496178/100/0/threaded http://www.securityfocus.com/bid/31067 http://www.securitytracker.com/id?1020833 http://www.us-cert.gov/cas/techalerts/TA08-253A.html http://www.vupen.com/english/advisories/2008/2523 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-055 https://oval.cisecurity.org/repository/search/definition/oval3Aorg.mitre.oval3Adef3A5970
Share on: