What is the severity of CVE-2008-1089?

CVE-2008-1089 has been classified as a critical vulnerability, allowing remote code execution.

How do I fix CVE-2008-1089?

To resolve CVE-2008-1089, it is recommended to apply the latest security updates provided by Microsoft for the affected Office and Visio products.

What products are affected by CVE-2008-1089?

CVE-2008-1089 affects multiple versions of Microsoft Visio including 2002 SP2, 2003 SP1, 2003 SP2, 2003 SP3, and 2007 versions.

How can attackers exploit CVE-2008-1089?

Attackers can exploit CVE-2008-1089 by crafting malicious Visio files that, when opened by a user, execute arbitrary code.

Is user interaction required to exploit CVE-2008-1089?

Yes, exploitation of CVE-2008-1089 requires user interaction to open a specially crafted Visio file.

Vulnerability/
CVE-2008-1089

critical

9.3

CWE

8/4/2008

7/8/2024

CVE-2008-1089: Code Injection

First published: Tue Apr 08 2008(Updated: )

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability."

Credit: secure@microsoft.com

Affected Software	Affected Version	How to fix
Microsoft Office	=2003-sp2
Microsoft Office	=2003-sp3
Microsoft Office	=2007
Microsoft Office	=2007_sp1
Microsoft Office	=xp-sp2
Microsoft Visio Professional	=2002-sp2
Microsoft Visio Professional	=2003-sp1
Microsoft Visio Professional	=2003_sp3
Microsoft Visio Professional	=2007
Microsoft Visio Professional	=2007_sp1

Remedy

http://www.securityfocus.com/bid/28555

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-1089?
CVE-2008-1089 has been classified as a critical vulnerability, allowing remote code execution.
How do I fix CVE-2008-1089?
To resolve CVE-2008-1089, it is recommended to apply the latest security updates provided by Microsoft for the affected Office and Visio products.
What products are affected by CVE-2008-1089?
CVE-2008-1089 affects multiple versions of Microsoft Visio including 2002 SP2, 2003 SP1, 2003 SP2, 2003 SP3, and 2007 versions.
How can attackers exploit CVE-2008-1089?
Attackers can exploit CVE-2008-1089 by crafting malicious Visio files that, when opened by a user, execute arbitrary code.
Is user interaction required to exploit CVE-2008-1089?
Yes, exploitation of CVE-2008-1089 requires user interaction to open a specially crafted Visio file.

agent/type
agent/softwarecombine
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/weakness
agent/author
agent/last-modified-date
agent/references
agent/description
agent/first-publish-date
agent/event
agent/source
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
collector/nvd-historical
vendor/microsoft
canonical/microsoft office
version/microsoft office/2003-sp2
version/microsoft office/2003-sp3
version/microsoft office/2007
version/microsoft office/2007_sp1
version/microsoft office/xp-sp2
canonical/microsoft visio professional
version/microsoft visio professional/2002-sp2
version/microsoft visio professional/2003-sp1
version/microsoft visio professional/2003_sp3
version/microsoft visio professional/2007
version/microsoft visio professional/2007_sp1

Frequently Asked Questions

What is the severity of CVE-2008-1089?
CVE-2008-1089 has been classified as a critical vulnerability, allowing remote code execution.
How do I fix CVE-2008-1089?
To resolve CVE-2008-1089, it is recommended to apply the latest security updates provided by Microsoft for the affected Office and Visio products.
What products are affected by CVE-2008-1089?
CVE-2008-1089 affects multiple versions of Microsoft Visio including 2002 SP2, 2003 SP1, 2003 SP2, 2003 SP3, and 2007 versions.
How can attackers exploit CVE-2008-1089?
Attackers can exploit CVE-2008-1089 by crafting malicious Visio files that, when opened by a user, execute arbitrary code.
Is user interaction required to exploit CVE-2008-1089?
Yes, exploitation of CVE-2008-1089 requires user interaction to open a specially crafted Visio file.

CVE-2008-1089: Code Injection

Remedy

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-1089?

How do I fix CVE-2008-1089?

What products are affected by CVE-2008-1089?

How can attackers exploit CVE-2008-1089?

Is user interaction required to exploit CVE-2008-1089?

Company

Resources

Contact

Frequently Asked Questions

What is the severity of CVE-2008-1089?

How do I fix CVE-2008-1089?

What products are affected by CVE-2008-1089?

How can attackers exploit CVE-2008-1089?

Is user interaction required to exploit CVE-2008-1089?