CVE-2013-3890
https://notcve.org/view.php?id=CVE-2013-3890
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel Viewer, y Office Compatibility Pack SP3 permite a atacantes remotos ejecutar código arbitrario a través de un documento Office diseñado, también conocida como "Vulnerabilidad de Corrupción de Memoria en Microsoft Excel". • http://www.us-cert.gov/ncas/alerts/TA13-288A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-085 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18926 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2013-1315
https://notcve.org/view.php?id=CVE-2013-1315
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft SharePoint Server 2007 SP3, 2010 SP1 y SP2, y 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office para Mac 2011; Excel Viewer; y Office Compatibility Pack SP3 permiten a un atacante remoto ejecutar código a discrección o causar una denegación de servicio (corrupción de memoria), a través de un documento Office manipulado, tambien conocida como "Vulnerabilidad de Corrupción de Memoria en Microsoft Office". • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18333 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18543 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-1886
https://notcve.org/view.php?id=CVE-2012-1886
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 SP1; Excel Viewer; y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos a ejecutar código provocar una denegación de servicio (corrupción de memoria) a través de una hoja de cálculo manipulada, también conocido como "Excel Memory Corruption Vulnerability." • http://www.securityfocus.com/bid/56426 http://www.securitytracker.com/id?1027752 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://exchange.xforce.ibmcloud.com/vulnerabilities/78073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15927 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-2543 – Microsoft Excel Feature11/Feature12 Record Trusted Counter Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2012-2543
Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability." Un desbordamiento de búfer basado en pila en Microsoft Excel 2007 SP2 y SP3 y Server 2010 SP1, Office 2011 para Mac, Excel Viewer y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos ejecutar código de su elección a través de una hoja de cálculo hecha a mano. Se trata de un problema también conocido como "vulnerabilidad de desbordamiento pila en Excel". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within Excel's parsing of Feature11/Feature12 records. • http://www.securityfocus.com/bid/56431 http://www.securitytracker.com/id?1027752 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15737 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15908 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2012-5672 – Microsoft Excel - Denial of Service
https://notcve.org/view.php?id=CVE-2012-5672
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data. Microsoft Excel Viewer (alias Xlview.exe) y Excel en Microsoft Office 2007 (alias Office 12), permite a atacantes remotos provocar una denegación de servicio (violación de acceso de lectura y bloqueo de la aplicación) a través de un archivo de hoja de cálculo modificada, como lo demuestra un archivo. xls con los datos de voltaje de la batería. • https://www.exploit-db.com/exploits/37980 http://www.securityfocus.com/archive/1/524379 •