Published: 10/10/2008 Updated: 23/05/2021

CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10

VMScore: 890

Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 up to and including 2.1 and iPhone OS for iPod touch 1.1 up to and including 2.1 allows remote malicious users to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."

Vulnerable Product	Search on Vulmon	Subscribe to Product
apple mac os x 10.5.5
apple mac os x server 10.5.5
apple iphone os 1.0.0
apple iphone os 1.0.1
apple iphone os 1.1.5
apple iphone os 2.0.0
apple iphone os 1.1.1
apple iphone os 1.1.2
apple iphone os 1.1.3
apple iphone os 1.1.4
apple iphone os 1.0.2
apple iphone os 1.1.0
apple iphone os 2.0.1
apple iphone os 2.1
apple iphone os 2.0.2

CWE-189 http://www.securityfocus.com/bid/31681 http://lists.apple.com/archives/security-announce/2008/Oct/msg00001.html http://secunia.com/advisories/32222 http://support.apple.com/kb/HT3216 http://www.securityfocus.com/bid/31707 http://support.apple.com/kb/HT3318 http://lists.apple.com/archives/security-announce/2008/Nov/msg00002.html http://secunia.com/advisories/32756 http://www.securitytracker.com/id?1021027 http://www.vupen.com/english/advisories/2008/2780 http://www.vupen.com/english/advisories/2008/3232 https://exchange.xforce.ibmcloud.com/vulnerabilities/45784 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2008-4211

Vulnerability Summary

Vulnerability Trend

References

Vulmon Search

About

Products

Connect