Malformed PICT Filter Vulnerability in Microsoft Office Products
CVE-2008-3018

Currently unrated

Key Information:

Vendor: Microsoft
Status: Office; Office Converter Pack; Works
Vendor: CVE Published:; 12 August 2008

What is CVE-2008-3018?

The vulnerability arises from the improper parsing of PICT files by various Microsoft Office versions and Works 8, enabling remote attackers to execute arbitrary code via specially crafted PICT files. This vulnerability highlights the necessity for users to apply security updates and be cautious when handling unknown files.

References

https://docs.microsoft.com/en-us/security-updates/securit...

vendor-advisoryx_refsource_MS

http://www.us-cert.gov/cas/techalerts/TA08-225A.html

third-party-advisoryx_refsource_CERT

http://www.securityfocus.com/bid/30597

vdb-entryx_refsource_BID

EPSS Score

50% chance of being exploited in the next 30 days.

Timeline

Vulnerability published
Aug 12, 2008
Vulnerability Reserved
Jul 7, 2008