CVE-2008-1090 : Detail

CVE-2008-1090

85.91%V3
Network
2008-04-08
21h00 +00:00
2018-10-12
17h57 +00:00
Notifications for a CVE
Stay informed of any changes for a specific CVE.
Notifications manage

CVE Descriptions

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."

CVE Informations

Related Weaknesses

CWE-ID Weakness Name Source
CWE-399 Category : Resource Management Errors
Weaknesses in this category are related to improper management of system resources.

Metrics

Metrics Score Severity CVSS Vector Source
V2 9.3 AV:N/AC:M/Au:N/C:C/I:C/A:C nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.
EPSS V0
EPSS V1
EPSS V2
EPSS V3
90.0090.0080.0080.0070.0070.0060.0060.0050.0050.0040.0040.0046.72%46.72%78.33%77.2%79.47%73.43%62.33%59.49%67.01%72.39%78.33%84.24%Jul '22Jul '2220232023Jul '23Jul '2320242024Jul '24Jul '2420252025
Download SVG
Download PNG
Download CSV

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.
100.0100.099.099.098.098.097.097.096.096.098%99%98%98%98%98%98%98%97%98%98%98%98%98%99%99%Jul '22Jul '2220232023Jul '23Jul '2320242024Jul '24Jul '2420252025
Download SVG
Download PNG
Download CSV

Products Mentioned

Configuraton 0

Microsoft>>Office >> Version 2003

Microsoft>>Office >> Version 2003

Microsoft>>Office >> Version 2007

Microsoft>>Office >> Version 2007_sp1

    Microsoft>>Office >> Version xp

    Microsoft>>Visio >> Version 2002

    Microsoft>>Visio >> Version 2003

    Microsoft>>Visio >> Version 2003_sp3

      Microsoft>>Visio >> Version 2007

      Microsoft>>Visio >> Version 2007_sp1

        References

        http://www.securitytracker.com/id?1019804
        Tags : vdb-entry, x_refsource_SECTRACK
        http://www.us-cert.gov/cas/techalerts/TA08-099A.html
        Tags : third-party-advisory, x_refsource_CERT
        http://marc.info/?l=bugtraq&m=120845064910729&w=2
        Tags : vendor-advisory, x_refsource_HP
        http://marc.info/?l=bugtraq&m=120845064910729&w=2
        Tags : vendor-advisory, x_refsource_HP
        http://secunia.com/advisories/29691
        Tags : third-party-advisory, x_refsource_SECUNIA
        http://www.securityfocus.com/bid/28556
        Tags : vdb-entry, x_refsource_BID