Vulnerability Name:

CVE-2008-4211 (CCN-45784)

Assigned:2008-10-09
Published:2008-10-09
Updated:2021-05-23
Summary:Integer signedness error in (1) QuickLook in Apple Mac OS X 10.5.5 and (2) Office Viewer in Apple iPhone OS 1.0 through 2.1 and iPhone OS for iPod touch 1.1 through 2.1 allows remote attackers to cause a denial of service (application termination) and execute arbitrary code via a crafted Microsoft Excel file that triggers an out-of-bounds memory access, related to "handling of columns."
CVSS v3 Severity:7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
Exploitability Metrics:Attack Vector (AV): Network
Attack Complexity (AC): Low
Privileges Required (PR): None
User Interaction (UI): None
Scope:Scope (S): Unchanged
Impact Metrics:Confidentiality (C): Low
Integrity (I): Low
Availibility (A): Low
CVSS v2 Severity:10.0 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C)
7.4 High (Temporal CVSS v2 Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Low
Authentication (Au): None
Impact Metrics:Confidentiality (C): Complete
Integrity (I): Complete
Availibility (A): Complete
6.8 Medium (CCN CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P)
5.0 Medium (CCN Temporal CVSS v2 Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P/E:U/RL:OF/RC:C)
Exploitability Metrics:Access Vector (AV): Network
Access Complexity (AC): Medium
Athentication (Au): None
Impact Metrics:Confidentiality (C): Partial
Integrity (I): Partial
Availibility (A): Partial
Vulnerability Type:CWE-189
Vulnerability Consequences:Gain Access
References:Source: MITRE
Type: CNA
CVE-2008-4211

Source: APPLE
Type: UNKNOWN
APPLE-SA-2008-11-20

Source: APPLE
Type: Vendor Advisory
APPLE-SA-2008-10-09

Source: CCN
Type: SA32222
Apple Mac OS X Security Update Fixes Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
32222

Source: CCN
Type: SA32756
Apple iPhone / iPod touch Multiple Vulnerabilities

Source: SECUNIA
Type: Vendor Advisory
32756

Source: CCN
Type: SECTRACK ID: 1021027
Mac OS X QuickLook Bug in Processing Excel Columns Lets Remote Users Execute Arbitrary Code

Source: CCN
Type: Apple Web site
About Security Update 2008-007

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3216

Source: CONFIRM
Type: UNKNOWN
http://support.apple.com/kb/HT3318

Source: CCN
Type: OSVDB ID: 48980
Apple Mac OS X QuickLook Excel File Handling Arbitrary Code Execution

Source: BID
Type: Patch
31681

Source: CCN
Type: BID-31681
RETIRED: Apple Mac OS X 2008-007 Multiple Security Vulnerabilities

Source: BID
Type: UNKNOWN
31707

Source: CCN
Type: BID-31707
Apple OS X QuickLook Excel File Integer Overflow Vulnerability

Source: SECTRACK
Type: UNKNOWN
1021027

Source: VUPEN
Type: Vendor Advisory
ADV-2008-2780

Source: VUPEN
Type: Vendor Advisory
ADV-2008-3232

Source: XF
Type: UNKNOWN
macosx-quicklook2-code-execution(45784)

Source: XF
Type: UNKNOWN
macosx-quicklook2-code-execution(45784)

Vulnerable Configuration:Configuration 1:
  • cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*

    • Configuration 2:
  • cpe:/o:apple:iphone_os:1.0.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.0:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.1:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.2:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.0:-:iphone:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:-:iphone:*:*:*:*:*

    • Configuration 3:
  • cpe:/o:apple:iphone_os:1.1.4:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.1:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.0:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.0:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:-:ipodtouch:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*

    • Configuration CCN 1:
  • cpe:/o:apple:mac_os_x:10.5.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:mac_os_x_server:10.5.5:*:*:*:*:*:*:*
  • AND
  • cpe:/o:apple:iphone_os:1.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.5:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.2:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.3:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:1.1.4:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0.2:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/h:apple:ipod_touch:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.0.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:2.1:*:*:*:*:*:*:*
  • OR cpe:/o:apple:iphone_os:1.1:*:*:*:*:*:*:*

    • * Denotes that component is vulnerable
    BACK
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    apple iphone os 1.0.0
    apple iphone os 1.0.1 -
    apple iphone os 1.1.5 -
    apple iphone os 2.0.0 -
    apple iphone os 1.1.1 -
    apple iphone os 1.1.2 -
    apple iphone os 1.1.3 -
    apple iphone os 1.1.4 -
    apple iphone os 1.0.2 -
    apple iphone os 1.1.0 -
    apple iphone os 2.0.1 -
    apple iphone os 1.1.4 -
    apple iphone os 1.1.3 -
    apple iphone os 2.1 -
    apple iphone os 2.0.2 -
    apple iphone os 2.0.1 -
    apple iphone os 1.1.0 -
    apple iphone os 2.0.0 -
    apple iphone os 1.1.5 -
    apple iphone os 1.1.2 -
    apple iphone os 1.1.1
    apple mac os x 10.5.5
    apple mac os x server 10.5.5
    apple iphone 1.0
    apple iphone 1.1.2
    apple iphone 1.1.3
    apple iphone 1.0.1
    apple iphone 1.02
    apple iphone 1.1.1
    apple ipod touch 1.1
    apple ipod touch 1.1.1
    apple ipod touch 1.1.2
    apple iphone 1.1.4
    apple ipod touch 1.1.3
    apple ipod touch 1.1.4
    apple iphone 2.0.2
    apple ipod touch 2.0.2
    apple ipod touch 2.0.1
    apple ipod touch 2.0
    apple iphone 2.0
    apple iphone 2.0.1
    apple iphone 2.1
    apple iphone 1.1