Vulnerability Name:

CVE-2008-3068 (CCN-43627)

Assigned:2008-04-01
Published:2008-04-01
Updated:2018-10-11
Summary:Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
CVSS v3 Severity:5.3 Medium (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): None
Availibility (A): None
CVSS v2 Severity:7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
6.4 Medium (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P/E:POC/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
4.3 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N)
3.7 Low (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N/E:POC/RL:U/RC:UR)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): None
Availibility (A): None
Vulnerability Type:CWE-Other
Vulnerability Consequences:Obtain Information
References:Source: MITRE
Type: CNA
CVE-2008-3068

Source: CCN
Type: Microsoft Office Online Web site
Office Online Home Page

Source: SREASON
Type: UNKNOWN
3978

Source: CCN
Type: SECTRACK ID: 1019736
Microsoft Outlook S/MIME Processing Lets Remote Users Access Arbitrary URLs

Source: CCN
Type: SECTRACK ID: 1019737
Windows Live Mail S/MIME Processing Lets Remote Users Access Arbitrary URLs

Source: CCN
Type: SECTRACK ID: 1019738
Microsoft Office S/MIME Processing Lets Remote Users Access Arbitrary URLs

Source: CCN
Type: OSVDB ID: 47004
Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Disclosure

Source: BUGTRAQ
Type: UNKNOWN
20080703 Unauthorized reading confirmation from Outlook

Source: BUGTRAQ
Type: UNKNOWN
20080709 Re: Unauthorized reading confirmation from Outlook

Source: BID
Type: UNKNOWN
28548

Source: CCN
Type: BID-28548
Microsoft Crypto API X.509 Certificate Validation Remote Information Disclosure Vulnerability

Source: SECTRACK
Type: UNKNOWN
1019736

Source: SECTRACK
Type: UNKNOWN
1019737

Source: SECTRACK
Type: UNKNOWN
1019738

Source: XF
Type: UNKNOWN
microsoft-cryptoapi-crl-info-disclosure(43627)

Source: CCN
Type: Security Advisory AKLINK-SA-2008-002
HTTP over X.509 (S/MIME) - Microsoft Outlook

Source: MISC
Type: UNKNOWN
https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt

Source: CCN
Type: Security Advisory AKLINK-SA-2008-003
HTTP over X.509 (S/MIME) - Windows Live Mail

Source: MISC
Type: UNKNOWN
https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt

Source: CCN
Type: Security Advisory AKLINK-SA-2008-004
HTTP over X.509 - Microsoft Office 2007

Source: MISC
Type: UNKNOWN
https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt

Source: MISC
Type: UNKNOWN
https://www.cynops.de/techzone/http_over_x509.html

Source: MISC
Type: UNKNOWN
https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt

Source: MISC
Type: UNKNOWN
https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt

Source: MISC
Type: UNKNOWN
https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt

Vulnerable Configuration:Configuration 1:
  • cpe:/a:microsoft:access:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:excel:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:excel:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:frontpage:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:groove:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:infopath:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:infopath:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office:2007:sp1:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office_communicator:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:onenote:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:outlook:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:powerpoint:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:powerpoint:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:project_professional:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:project_standard:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:publisher:2003:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:publisher:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:sharepoint_designer:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visio_professional:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:visio_standard:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:windows_live_mail:2008:*:*:*:*:*:*:*

  • Configuration CCN 1:
  • cpe:/a:microsoft:outlook:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:office:2007:*:*:*:*:*:*:*
  • OR cpe:/a:microsoft:windows_live_mail:2008:*:*:*:*:*:*:*

  • * Denotes that component is vulnerable
    BACK
    microsoft access 2007
    microsoft excel 2003
    microsoft excel 2007
    microsoft frontpage 2003
    microsoft groove 2007
    microsoft infopath 2003
    microsoft infopath 2007
    microsoft office 2007
    microsoft office 2007 sp1
    microsoft office communicator 2007
    microsoft onenote 2003
    microsoft outlook 2003
    microsoft outlook 2007
    microsoft powerpoint 2003
    microsoft powerpoint 2007
    microsoft project professional 2007
    microsoft project standard 2007
    microsoft publisher 2003
    microsoft publisher 2007
    microsoft sharepoint designer 2007
    microsoft visio professional 2007
    microsoft visio standard 2007
    microsoft windows live mail 2008
    microsoft outlook 2007
    microsoft office 2007
    microsoft windows live mail 2008