{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T09:19:07.634","vulnerabilities":[{"cve":{"id":"CVE-2008-1090","sourceIdentifier":"secure@microsoft.com","published":"2008-04-08T23:05:00.000","lastModified":"2025-04-09T00:30:58.490","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka \"Visio Memory Validation Vulnerability.\""},{"lang":"es","value":"Vulnerabilidad sin especificar en Microsoft Visio 2002 SP2, 2003 SP2 y SP3, y 2007 hasta SP1, que permite a atacantes remotos asistidos por el usuario ejecutar código de su elección a través de un un archivo .DXF manipulado. También conocida como \"Vulnerabilidad de Validación de Memoria en Visio\"."}],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:N/C:C/I:C/A:C","baseScore":9.3,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":8.6,"impactScore":10.0,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"CWE-399"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:*","matchCriteriaId":"07D3F3E4-93FB-481A-94D9-075E726697C4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*","matchCriteriaId":"A332D04D-CC8C-4F68-A261-BA2F2D8EAD1E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2007:*:*:*:*:*:*:*","matchCriteriaId":"828219FA-E694-46DA-93B0-BE2EC5BBF61E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:2007_sp1:*:*:*:*:*:*:*","matchCriteriaId":"4142D44F-26F2-467B-A7DE-00239C0013D4"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:*","matchCriteriaId":"9D02D769-061D-44A5-B019-F4E653DF615A"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visio:2002:sp2:*:*:*:*:*:*","matchCriteriaId":"D0D2C5C3-225C-49DC-B9C7-C5BC05900F2E"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visio:2003:sp1:*:*:*:*:*:*","matchCriteriaId":"6FBEFBED-72F3-447B-8164-9E5C16828484"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visio:2003_sp3:*:*:*:*:*:*:*","matchCriteriaId":"70415FAE-E313-4F76-961D-A259651CFC5F"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visio:2007:*:*:*:*:*:*:*","matchCriteriaId":"C27CD3D6-9893-4522-B70F-F69A6E4A9CDE"},{"vulnerable":true,"criteria":"cpe:2.3:a:microsoft:visio:2007_sp1:*:*:*:*:*:*:*","matchCriteriaId":"344E501A-B7A4-4309-AD7A-CA7A8A05D82D"}]}]}],"references":[{"url":"http://marc.info/?l=bugtraq&m=120845064910729&w=2","source":"secure@microsoft.com"},{"url":"http://secunia.com/advisories/29691","source":"secure@microsoft.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/28556","source":"secure@microsoft.com","tags":["Patch"]},{"url":"http://www.securitytracker.com/id?1019804","source":"secure@microsoft.com"},{"url":"http://www.us-cert.gov/cas/techalerts/TA08-099A.html","source":"secure@microsoft.com","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2008/1143/references","source":"secure@microsoft.com"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-019","source":"secure@microsoft.com"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41452","source":"secure@microsoft.com"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5344","source":"secure@microsoft.com"},{"url":"http://marc.info/?l=bugtraq&m=120845064910729&w=2","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://secunia.com/advisories/29691","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/28556","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"]},{"url":"http://www.securitytracker.com/id?1019804","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.us-cert.gov/cas/techalerts/TA08-099A.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"]},{"url":"http://www.vupen.com/english/advisories/2008/1143/references","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-019","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/41452","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5344","source":"af854a3a-2127-422b-91ae-364da2661108"}]}}]}