admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-05-29 01:31:20 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2008/CVE-2008-22xx/CVE-2008-2245.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

226 lines
6.9 KiB
JSON
Raw Blame History

{
"id": "CVE-2008-2245",
"sourceIdentifier": "secure@microsoft.com",
"published": "2008-08-13T00:41:00.000",
"lastModified": "2024-11-21T00:46:25.893",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Heap-based buffer overflow in the InternalOpenColorProfile function in mscms.dll in Microsoft Windows Image Color Management System (MSCMS) in the Image Color Management (ICM) component on Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted image file."
},
{
"lang": "es",
"value": "Un desbordamiento de b\u00fafer en la regi\u00f3n heap de la memoria en la funci\u00f3n InternalOpenColorProfile en la biblioteca mscms.dll en Windows Image Color Management System (MSCMS) de Microsoft en el componente Image Color Management (ICM) sobre Windows 2000 SP4, XP SP2 y SP3 y Server 2003 SP1 y SP2, permiten a los atacantes remotos ejecutar c\u00f3digo arbitrario por medio de un archivo de imagen dise\u00f1ado."
}
],
"metrics": {
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C",
"baseScore": 9.3,
"accessVector": "NETWORK",
"accessComplexity": "MEDIUM",
"authentication": "NONE",
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"availabilityImpact": "COMPLETE"
},
"baseSeverity": "HIGH",
"exploitabilityScore": 8.6,
"impactScore": 10.0,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2000:*:sp4:*:*:*:*:*:*",
"matchCriteriaId": "83E7C4A0-78CF-4B56-82BF-EC932BDD8ADF"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp1:*:*:*:*:*:*",
"matchCriteriaId": "FE8F4276-4D97-480D-A542-FE9982FFD765"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_2003_server:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "2978BF86-5A1A-438E-B81F-F360D0E30C9C"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9B339C33-8896-4896-88FF-88E74FDBC543"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:o:microsoft:windows_xp:*:sp3:*:*:*:*:*:*",
"matchCriteriaId": "CE477A73-4EE4-41E9-8694-5A3D5DC88656"
}
]
}
]
}
],
"references": [
{
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742",
"source": "secure@microsoft.com"
},
{
"url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2",
"source": "secure@microsoft.com"
},
{
"url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2",
"source": "secure@microsoft.com"
},
{
"url": "http://secunia.com/advisories/31385",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/309739",
"source": "secure@microsoft.com",
"tags": [
"Patch",
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/bid/30594",
"source": "secure@microsoft.com",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1020675",
"source": "secure@microsoft.com"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html",
"source": "secure@microsoft.com",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2350",
"source": "secure@microsoft.com",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-046",
"source": "secure@microsoft.com"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923",
"source": "secure@microsoft.com"
},
{
"url": "https://www.exploit-db.com/exploits/6732",
"source": "secure@microsoft.com"
},
{
"url": "http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=742",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://marc.info/?l=bugtraq&m=121915960406986&w=2",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://secunia.com/advisories/31385",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.kb.cert.org/vuls/id/309739",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
]
},
{
"url": "http://www.securityfocus.com/bid/30594",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
]
},
{
"url": "http://www.securitytracker.com/id?1020675",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "http://www.us-cert.gov/cas/techalerts/TA08-225A.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"US Government Resource"
]
},
{
"url": "http://www.vupen.com/english/advisories/2008/2350",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Vendor Advisory"
]
},
{
"url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-046",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5923",
"source": "af854a3a-2127-422b-91ae-364da2661108"
},
{
"url": "https://www.exploit-db.com/exploits/6732",
"source": "af854a3a-2127-422b-91ae-364da2661108"
}
]
}
Reference in New Issue View Git Blame Copy Permalink