CVE-2008-2463 - OpenCVE

The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder.

No CVSS v4.0

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:M/Au:N/C:P/I:P/A:P

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Microsoft	Office Snapshot Viewer Activex

Configuration 1 [-]

OR	cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office_2003:::::::*
	cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office_xp:::::::*
	cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office2000:::::::*

No data.

References

Link	Providers
http://marc.info/?l=bugtraq&m=121915960406986&w=2
http://secunia.com/advisories/30883
http://www.exploit-db.com/exploits/6124
http://www.kb.cert.org/vuls/id/837785
http://www.microsoft.com/technet/security/advisory/955179.mspx
http://www.securityfocus.com/bid/30114
http://www.securitytracker.com/id?1020433
http://www.us-cert.gov/cas/techalerts/TA08-189A.html
http://www.us-cert.gov/cas/techalerts/TA08-225A.html
http://www.vupen.com/english/advisories/2008/2012/references
https://exchange.xforce.ibmcloud.com/vulnerabilities/43613
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6120

History

No history.

MITRE

Status: PUBLISHED

Assigner: certcc

Published: 2008-07-07T23:00:00

Updated: 2024-08-07T09:05:28.335Z

Reserved: 2008-05-28T00:00:00

Link: CVE-2008-2463

Vulnrichment

No data.

NVD

Status : Modified

Published: 2008-07-07T23:41:00.000

Modified: 2017-09-29T01:31:10.880

Link: CVE-2008-2463

Redhat

No data.

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2008-07-07T00:00:00", "descriptions": [{"lang": "en", "value": "The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-09-28T12:57:01", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc"}, "references": [{"name": "TA08-189A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-189A.html"}, {"name": "6124", "tags": ["exploit", "x_refsource_EXPLOIT-DB"], "url": "http://www.exploit-db.com/exploits/6124"}, {"name": "TA08-225A", "tags": ["third-party-advisory", "x_refsource_CERT"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"}, {"name": "ADV-2008-2012", "tags": ["vdb-entry", "x_refsource_VUPEN"], "url": "http://www.vupen.com/english/advisories/2008/2012/references"}, {"name": "HPSBST02360", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.microsoft.com/technet/security/advisory/955179.mspx"}, {"name": "SSRT080117", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"name": "VU#837785", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/837785"}, {"name": "30883", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/30883"}, {"name": "oval:org.mitre.oval:def:6120", "tags": ["vdb-entry", "signature", "x_refsource_OVAL"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6120"}, {"name": "microsoft-snapshotviewer-code-execution(43613)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43613"}, {"name": "30114", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/30114"}, {"name": "1020433", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id?1020433"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cert@cert.org", "ID": "CVE-2008-2463", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "TA08-189A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-189A.html"}, {"name": "6124", "refsource": "EXPLOIT-DB", "url": "http://www.exploit-db.com/exploits/6124"}, {"name": "TA08-225A", "refsource": "CERT", "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"}, {"name": "ADV-2008-2012", "refsource": "VUPEN", "url": "http://www.vupen.com/english/advisories/2008/2012/references"}, {"name": "HPSBST02360", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"name": "http://www.microsoft.com/technet/security/advisory/955179.mspx", "refsource": "CONFIRM", "url": "http://www.microsoft.com/technet/security/advisory/955179.mspx"}, {"name": "SSRT080117", "refsource": "HP", "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"name": "VU#837785", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/837785"}, {"name": "30883", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/30883"}, {"name": "oval:org.mitre.oval:def:6120", "refsource": "OVAL", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6120"}, {"name": "microsoft-snapshotviewer-code-execution(43613)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43613"}, {"name": "30114", "refsource": "BID", "url": "http://www.securityfocus.com/bid/30114"}, {"name": "1020433", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id?1020433"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-07T09:05:28.335Z"}, "title": "CVE Program Container", "references": [{"name": "TA08-189A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-189A.html"}, {"name": "6124", "tags": ["exploit", "x_refsource_EXPLOIT-DB", "x_transferred"], "url": "http://www.exploit-db.com/exploits/6124"}, {"name": "TA08-225A", "tags": ["third-party-advisory", "x_refsource_CERT", "x_transferred"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"}, {"name": "ADV-2008-2012", "tags": ["vdb-entry", "x_refsource_VUPEN", "x_transferred"], "url": "http://www.vupen.com/english/advisories/2008/2012/references"}, {"name": "HPSBST02360", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.microsoft.com/technet/security/advisory/955179.mspx"}, {"name": "SSRT080117", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"name": "VU#837785", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/837785"}, {"name": "30883", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/30883"}, {"name": "oval:org.mitre.oval:def:6120", "tags": ["vdb-entry", "signature", "x_refsource_OVAL", "x_transferred"], "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6120"}, {"name": "microsoft-snapshotviewer-code-execution(43613)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43613"}, {"name": "30114", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/30114"}, {"name": "1020433", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id?1020433"}]}]}, "cveMetadata": {"assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2008-2463", "datePublished": "2008-07-07T23:00:00", "dateReserved": "2008-05-28T00:00:00", "dateUpdated": "2024-08-07T09:05:28.335Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office_2003:*:*:*:*:*:*:*", "matchCriteriaId": "C2AA6000-5E18-4F7A-8B06-9B7505675262", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office_xp:*:*:*:*:*:*:*", "matchCriteriaId": "B3353323-E1FF-4167-8DE8-EB3CD66AF721", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_snapshot_viewer_activex:office2000:*:*:*:*:*:*:*", "matchCriteriaId": "7A067607-DFCE-44A7-91B9-E5EAF98CB5AF", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder."}, {"lang": "es", "value": "El control ActiveX Microsoft Office Snapshot Viewer en snapview.ocx, distribuido en Snapshot Viewer and Microsoft Office Access 2000 through 2003, permite a atacantes remotos descargar archivos de su elecci\u00f3n a un equipo cliente a trav\u00e9s de un documento HTML o mensaje de correo manipulados. NOTA: esto puede ser aprovechado para ejecutar c\u00f3digo si se escribe la carpeta de inicio (StartUp)."}], "id": "CVE-2008-2463", "lastModified": "2017-09-29T01:31:10.880", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": true, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}]}, "published": "2008-07-07T23:41:00.000", "references": [{"source": "cret@cert.org", "url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2"}, {"source": "cret@cert.org", "url": "http://secunia.com/advisories/30883"}, {"source": "cret@cert.org", "url": "http://www.exploit-db.com/exploits/6124"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/837785"}, {"source": "cret@cert.org", "url": "http://www.microsoft.com/technet/security/advisory/955179.mspx"}, {"source": "cret@cert.org", "url": "http://www.securityfocus.com/bid/30114"}, {"source": "cret@cert.org", "url": "http://www.securitytracker.com/id?1020433"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-189A.html"}, {"source": "cret@cert.org", "tags": ["US Government Resource"], "url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html"}, {"source": "cret@cert.org", "url": "http://www.vupen.com/english/advisories/2008/2012/references"}, {"source": "cret@cert.org", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/43613"}, {"source": "cret@cert.org", "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6120"}], "sourceIdentifier": "cret@cert.org", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "nvd@nist.gov", "type": "Primary"}]}