Unrated severityNVD Advisory· Published Dec 10, 2008· Updated Jun 16, 2026
CVE-2008-4266
CVE-2008-4266
Description
Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an invalid index value, which triggers stack corruption, aka "Excel Global Array Memory Corruption Vulnerability."
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
12cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:a:microsoft:excel_viewer:2003:*:*:*:*:*:*:*
- cpe:2.3:a:microsoft:excel_viewer:2003:sp3:*:*:*:*:*:*
- (no CPE)range: 2003 Gold and SP3
cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*+ 1 more
- cpe:2.3:a:microsoft:open_xml_file_format_converter:*:*:mac:*:*:*:*:*
- (no CPE)
- Range: 2000 SP3, 2002 SP3, 2003 SP3
Patches
Vulnerability mechanics
References
7- secunia.com/secunia_research/2008-36/nvdVendor Advisory
- www.vupen.com/english/advisories/2008/3386nvdVendor Advisory
- www.us-cert.gov/cas/techalerts/TA08-344A.htmlnvdUS Government Resource
- www.securityfocus.com/archive/1/499055/100/0/threadednvd
- www.securitytracker.com/idnvd
- docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-074nvd
- oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5808nvd
News mentions
0No linked articles in our index yet.