Summary
The host has Microsoft Organization Chart, which is prone to a remote code execution vulnerability.
Impact
Enticing the victim into opening a malicious crafted Organization Chart document, remote attackers can crash the application or execute arbitrary code on the affected system within the context of the affected application.
Impact Level : Application
Solution
No solution or patch was made available for at least one year since disclosure of this vulnerability. Likely none will be provided anymore.
General solution options are to upgrade to a newer release, disable respective features, remove the product or replace the product by another one.
For updates refer to http://office.microsoft.com/en-us/ork2003/HA011402441033.aspx
Insight
Microsoft Organization Chart is prone to a remote code execution vulnerability. The flaw is due to memory access violation error when opening malicious Organization Chart document.
Affected
MS Organization Chart versions 2.0 (11.0.5614.0) and prior on Windows (all).
References
Updated on 2017-03-28
Severity
Classification
-
CVE CVE-2008-3956 -
CVSS Base Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C
Related Vulnerabilities
- Microsoft Windows Progman Group Converter Insecure Library Loading Vulnerability
- Microsoft Windows IPv4 Default Configuration Security Bypass Vulnerability
- Internet Explorer version check
- Microsoft PowerPoint 2007 OfficeArt Atom Remote Code Execution Vulnerability
- Microsoft Windows ActiveX Control Multiple Vulnerabilities (2562937)