Microsoft Office OneNote URL Handler Remote Code Execution Vulnerability

Bugtraq ID: 31067
Class: Boundary Condition Error
CVE: CVE-2008-3007
Remote: Yes
Local: No
Published: Sep 09 2008 12:00AM
Updated: Sep 25 2008 07:09PM
Credit: Brett Moore of Insomnia Security
Vulnerable: Microsoft OneNote 2007 SP1
Microsoft OneNote 2007 0
Microsoft Office XP SP3
+ Microsoft Excel 2002 SP3
+ Microsoft Excel 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft FrontPage 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft Outlook 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft PowerPoint 2002 SP3
+ Microsoft Publisher 2002 SP3
+ Microsoft Publisher 2002 SP3
Microsoft Office XP SP2
- Microsoft Windows 2000 Professional SP3
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows 98SE
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home SP1
- Microsoft Windows XP Home
- Microsoft Windows XP Professional SP1
- Microsoft Windows XP Professional
Microsoft Office XP SP1
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Office XP
- Microsoft Windows 2000 Professional SP2
- Microsoft Windows 2000 Professional SP1
- Microsoft Windows 2000 Professional
- Microsoft Windows 98
- Microsoft Windows ME
- Microsoft Windows NT Workstation 4.0 SP6a
- Microsoft Windows NT Workstation 4.0 SP6
- Microsoft Windows NT Workstation 4.0 SP5
- Microsoft Windows NT Workstation 4.0 SP4
- Microsoft Windows NT Workstation 4.0 SP3
- Microsoft Windows NT Workstation 4.0 SP2
- Microsoft Windows NT Workstation 4.0 SP1
- Microsoft Windows NT Workstation 4.0
- Microsoft Windows XP Home
- Microsoft Windows XP Professional
Microsoft Office 2007 SP1
Microsoft Office 2007 0
+ Microsoft Access 2007 0
+ Microsoft Access 2007 0
+ Microsoft Excel 2003
+ Microsoft Excel 2007 0
+ Microsoft Excel 2007 0
+ Microsoft FrontPage 2003
+ Microsoft Groove 2007 0
+ Microsoft Groove 2007 0
+ Microsoft InfoPath 2003
+ Microsoft InfoPath 2007 0
+ Microsoft InfoPath 2007 0
+ Microsoft Office Communicator 2007 0
+ Microsoft Office Communicator 2007 0
+ Microsoft OneNote 2003 0
+ Microsoft Outlook 2003 0
+ Microsoft Outlook 2007 0
+ Microsoft Outlook 2007 0
+ Microsoft PowerPoint 2003 0
+ Microsoft PowerPoint 2007 0
+ Microsoft PowerPoint 2007 0
+ Microsoft Project Professional 2007 0
+ Microsoft Project Professional 2007 0
+ Microsoft Project Standard 2007 0
+ Microsoft Project Standard 2007 0
+ Microsoft Publisher 2003
+ Microsoft Publisher 2007 0
+ Microsoft Publisher 2007 0
+ Microsoft SharePoint Designer 2007 0
+ Microsoft SharePoint Designer 2007 0
+ Microsoft Visio Professional 2007 0
+ Microsoft Visio Professional 2007 0
+ Microsoft Visio Standard 2007 0
+ Microsoft Visio Standard 2007 0
Microsoft Office 2003 SP3
Microsoft Office 2003 SP2
Microsoft Office 2003 SP1
Microsoft Office 2003 0
+ Microsoft Excel 2003
+ Microsoft FrontPage 2003
+ Microsoft InfoPath 2003
+ Microsoft OneNote 2003 0
+ Microsoft Outlook 2003 0
+ Microsoft PowerPoint 2003 0
+ Microsoft Publisher 2003
HP Storage Management Appliance III
HP Storage Management Appliance II
HP Storage Management Appliance I
HP Storage Management Appliance 2.1
+ HP Storage Management Appliance III
+ HP Storage Management Appliance II
+ HP Storage Management Appliance I
Not Vulnerable:


 

Privacy Statement
Copyright 2010, SecurityFocus