Vulnerability in Microsoft Access
CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail messag…
EPSS: 0.174 (96.7th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Access — versions 2007
- Microsoft Excel — versions 2003, 2007
- Microsoft Frontpage — versions 2003
- Microsoft Groove — versions 2007
- Microsoft Infopath — versions 2003, 2007
- Microsoft Office — versions 2007
- Microsoft Office_communicator — versions 2007
- Microsoft Onenote — versions 2003
- Microsoft Outlook — versions 2003, 2007
- Microsoft Powerpoint — versions 2003, 2007
References
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_SREASON, third-party-advisory)
- cve@mitre.org (mailing-list, x_refsource_BUGTRAQ)
- cve@mitre.org (vdb-entry, x_refsource_BID)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (x_refsource_MISC)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (vdb-entry, x_refsource_SECTRACK)
- cve@mitre.org (x_refsource_MISC)