CVE-2009-0559
https://notcve.org/view.php?id=CVE-2009-0559
Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "String Copy Stack-Based Overrun Vulnerability." Desbordamiento de búfer basado en pila en Excel en Microsoft Office 2000 SP3 y Office XP SP3, permite a atacantes remotos ejecutar código de su elección a través de un archivo Excel con un objeto de registro mal formado, también conocido como "Vulnerabilidad String Copy Stack-Based Overrun". • http://www.securityfocus.com/bid/35243 http://www.securitytracker.com/id?1022351 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1540 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6273 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0560
https://notcve.org/view.php?id=CVE-2009-0560
Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Field Sanitization Memory Corruption Vulnerability." Excel en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, y Office 2004 y 2008 para Mac; Excel en 2007 Microsoft Office System SP1 y SP2; Open XML File Format Converter para Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; y Microsoft Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2 permite a atacantes remotos ejecutar código de su elección a través de un archivo Excel manipulado con un objeto record mal formado, también conocido como "Vulnerabilidad de corrupción de memoria en la limpieza de campos". • http://osvdb.org/54956 http://www.securityfocus.com/bid/35244 http://www.securitytracker.com/id?1022351 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1540 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6178 • CWE-399: Resource Management Errors •
CVE-2009-0561
https://notcve.org/view.php?id=CVE-2009-0561
Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with a Shared String Table (SST) record with a numeric field that specifies an invalid number of unique strings, which triggers a heap-based buffer overflow, aka "Record Integer Overflow Vulnerability." Un desbordamiento enteros en Excel en Office 2000 SP3, Office XP SP3, Office 2003 SP3 y Office 2004 y 2008 para Mac de Microsoft; Excel en 2007 Office System SP1 y SP2 de Microsoft; Open XML File Format Converter para Mac; Office Excel Viewer 2003 SP3 de Microsoft; Office Excel Viewer de Microsoft; Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007 SP1 y SP2 de Microsoft; y Office SharePoint Server 2007 SP1 y SP2 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de Excel con un registro de tabla de cadenas compartidas (SST) con un campo numérico que especifica un número no válido de cadenas únicas, lo que desencadena un desbordamiento de búfer en la región heap de la memoria, también se conoce como "Record Integer Overflow Vulnerability". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=805 http://osvdb.org/54957 http://secunia.com/secunia_research/2009-12 http://www.securityfocus.com/archive/1/504190/100/0/threaded http://www.securityfocus.com/bid/35245 http://www.securitytracker.com/id?1022351 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1540 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021 https://ov • CWE-189: Numeric Errors •
CVE-2009-0230
https://notcve.org/view.php?id=CVE-2009-0230
The Windows Print Spooler in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 allows remote authenticated users to gain privileges via a crafted RPC message that triggers loading of a DLL file from an arbitrary directory, aka "Print Spooler Load Library Vulnerability." La cola de impresión de Windows en Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 permite a usuraio autenticados remotamente obtener privilegios a través de un mensaje RCP manipulado que lanza la carga de un archivo DLL desde un directorio de su elección, también conocido como "Vulnerabilidad en la carga librería de la cola de impresión". • http://osvdb.org/54934 http://secunia.com/advisories/35365 http://support.avaya.com/elmodocs2/security/ASA-2009-217.htm http://www.securityfocus.com/bid/35209 http://www.securitytracker.com/id?1022352 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1541 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-022 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6287 • CWE-264: Permissions, Privileges, and Access Controls •
CVE-2009-0568
https://notcve.org/view.php?id=CVE-2009-0568
The RPC Marshalling Engine (aka NDR) in Microsoft Windows 2000 SP4, XP SP2 and SP3, Server 2003 SP2, Vista Gold, SP1, and SP2, and Server 2008 SP2 does not properly maintain its internal state, which allows remote attackers to overwrite arbitrary memory locations via a crafted RPC message that triggers incorrect pointer reading, related to "IDL interfaces containing a non-conformant varying array" and FC_SMVARRAY, FC_LGVARRAY, FC_VARIABLE_REPEAT, and FC_VARIABLE_OFFSET, aka "RPC Marshalling Engine Vulnerability." El motor RPC Marshalling (también conocido como NDR) en Microsoft Windows 2000 SP4, XP SP2 y SP3, Server 2003 SP2, Vista Gold, SP1, y SP2, y Server 2008 SP2 no mantiene de forma adecuada su estado interno, lo que permite a atacantes remotos sobrescribir posiciones de memoria de su elección a través de un mensaje RPC manipulado que provoca una lectura de puntero incorrecta, relativo a "Interfaces IDL que contienen una tabla variable no conforme" y FC_SMVARRAY, FC_LGVARRAY, FC_VARIABLE_REPEAT, y FC_VARIABLE_OFFSET, tambien conocido como "Vulnerabilidad dl motor RPC Marshalling" • http://blogs.technet.com/srd/archive/2009/06/09/ms09-026-how-a-developer-can-know-if-their-rpc-interface-is-affected.aspx http://osvdb.org/54936 http://www.securityfocus.com/bid/35219 http://www.securitytracker.com/id?1022357 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1545 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-026 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mit • CWE-264: Permissions, Privileges, and Access Controls •