NVD

Id
2454  
Name
CVE-2008-2547  
Description
Stack-based buffer overflow in msiexec.exe 3.1.4000.1823 and 4.5.6001.22159 in Microsoft Windows Installer allows context-dependent attackers to execute arbitrary code via a long GUID value for the /x (aka /uninstall) option. NOTE: this issue might cross privilege boundaries if msiexec.exe is reachable via components such as ActiveX controls, and might additionally require a separate vulnerability in the control.  
Reject
 
CVSS Version
2  
CVSS Score
9.3  
Severity
High  
CVSS Base Score
9.3  
CVSS Impact Subscore
10  
CVSS Exploit Subscore
8.6  
CVSS Vector
(AV:N/AC:M/Au:N/C:C/I:C/A:C)  
Pub Date
2017-01-03  
Published
2008-06-04  
Modified Date
2008-09-10  
Seq
2008-2547  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
15568 2454 CVE-2008-2547 http://www.aushack.com/200806-msiexec.txt  View
15569 2454 CVE-2008-2547 20080603 Windows Installer msiexec GUID Buffer Overflow  View
15570 2454 CVE-2008-2547 20080603 Re: Windows Installer msiexec GUID Buffer Overflow  View
15571 2454 CVE-2008-2547 20080603 RE: Windows Installer msiexec GUID Buffer Overflow  View
15572 2454 CVE-2008-2547 win-msiexec-bo(42887)  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
49189 JVNDB-2008-004499 Microsoft Windows Installer の msiexec.exe におけるスタックベースのバッファオーバーフローの脆弱性 Microsoft Windows Installer の msiexec.exe には、スタックベースのバッファオーバーフローの脆弱性が存在します。 CVE-2008-2547 32660 CVE-2008-2547 2454 9.3 http://jvndb.jvn.jp/ja/contents/2008/JVNDB-2008-004499.html 2008-06-04 2012-09-25 View