CVE-2008-3460

CVE-2008-3460 · HIGH Severity

AV:N/AC:M/AU:N/C:C/I:C/A:C

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability."

Learn more about our Cis Benchmark Audit For Microsoft Office.