header-logo
Suggest Exploit
vendor:
Office XP SP3
by:
Marsupilamipowa@hotmail.fr
9.3
CVSS
HIGH
Remote Code Execution
119
CWE
Product Name: Office XP SP3
Affected Version From: Office XP SP3
Affected Version To: Office XP SP3 with updates prior to 03/11/08
Patch Exists: YES
Related CWE: CVE-2008-1058
CPE: a:microsoft:office_xp_sp3
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: None
2008

Runs calc.exe on Office XP SP3 with updates < 03/11/08

This exploit allows a remote attacker to execute arbitrary code on a vulnerable system. It is triggered by sending a specially crafted packet to the target system. The exploit takes advantage of a vulnerability in Microsoft Office XP SP3 with updates prior to 03/11/08. The vulnerability is caused by a boundary error when processing certain packets, which can be exploited to cause a stack-based buffer overflow.

Mitigation:

Users should apply the patch from Microsoft. Additionally, users should ensure that their systems are up-to-date with the latest security patches.
Source

Exploit-DB raw data:

Runs calc.exe on Office XP SP3 with updates < 03/11/08.

Just for fun...

https://gitlab.com/exploit-database/exploitdb-bin-sploits/-/raw/main/bin-sploits/31361.tgz (2008-ms08-016.tgz)

Marsupilamipowa@hotmail.fr

# milw0rm.com [2008-03-30]

Navigation

Suggest Exploit

Services By CQR