CVE Vulnerabilities

CVE-2008-3460

Published: Aug 12, 2008 | Modified: Oct 12, 2018
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
9.3 HIGH
AV:N/AC:M/Au:N/C:C/I:C/A:C
RedHat/V2
RedHat/V3
Ubuntu

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the WPG Image File Heap Corruption Vulnerability.

Affected Software

Name Vendor Start Version End Version
Office_converter_pack Microsoft * *
Office Microsoft xp xp
Office Microsoft 2003 2003
Works Microsoft 8.0 8.0
Office Microsoft 2000 2000

References