Remote Code Execution Vulnerability in Microsoft Office Snapshot Viewer
CVE-2008-2463

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office Snapshot Viewer Activex
Vendor: CVE Published:; 7 July 2008

Badges

👾 Exploit Exists🟡 Public PoC🟣 EPSS 84%

What is CVE-2008-2463?

The Microsoft Office Snapshot Viewer contains a vulnerability in the snapview.ocx ActiveX control, allowing remote attackers to exploit this weakness through specially crafted HTML documents or email messages. By manipulating properties such as SnapshotPath and CompressedPath alongside the PrintSnapshot method, an attacker may download arbitrary files to the client's machine. This capability raises the risk of executing malicious code by leveraging the Startup folder.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-2463 - Proof of Concept

References

http://www.us-cert.gov/cas/techalerts/TA08-189A.html

third-party-advisoryx_refsource_CERT

http://www.exploit-db.com/exploits/6124

exploitx_refsource_EXPLOIT-DB

http://www.us-cert.gov/cas/techalerts/TA08-225A.html

third-party-advisoryx_refsource_CERT

EPSS Score

84% chance of being exploited in the next 30 days.

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jul 7, 2008
👾
Exploit known to exist
Jul 7, 2008
Vulnerability published
Jul 7, 2008
Vulnerability Reserved
May 28, 2008

CVE-2008-2463 Data

JSON