Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2008-1898

A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInterface property value, which triggers an improper function call.

  • Published: Apr 21, 2008
  • Updated: Apr 13, 2023
  • CVE: CVE-2008-1898
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 9.3
  • AV:N/AC:M/Au:N/C:C/I:C/A:C

CWEs:

Software From Fixed in
microsoft / works 7.0 7.0.x
microsoft / office 2003 2003.x
microsoft / office 2007 2007.x