Page 14 of 269 results (0.012 seconds)

CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 0

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011 y Open XML File Format Converter para Mac, permiten a los atacantes remotos ejecutar código arbitrario por medio de un documento de Office que contiene un registro Office Art Drawing con registros msofbtSp especialmente diseñados y flags no especificados, lo que desencadena una corrupción de memoria, también se conoce como "Office Art Drawing Records Vulnerability". • http://secunia.com/advisories/38521 http://secunia.com/advisories/42144 http://secunia.com/secunia_research/2010-4 http://www.securityfocus.com/archive/1/514699/100/0/threaded http://www.securityfocus.com/bid/44656 http://www.securitytracker.com/id?1024705 http://www.us-cert.gov/cas/techalerts/TA10-313A.html http://www.vupen.com/english/advisories/2010/2923 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-087 https://oval.cisecurity.org/repository • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 97%CPEs: 8EXPL: 5

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011 y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar código de su elección mediante datos RTF manipulados, también conocido como "RTF Stack Buffer Overflow Vulnerability." A stack-based buffer overflow vulnerability exists in the parsing of RTF data in Microsoft Office and earlier allows an attacker to perform remote code execution. • https://www.exploit-db.com/exploits/18334 https://www.exploit-db.com/exploits/17474 https://www.exploit-db.com/exploits/16686 https://www.exploit-db.com/exploits/24526 https://github.com/Sunqiz/CVE-2010-3333-reproduction http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=880 http://secunia.com/advisories/38521 http://secunia.com/advisories/42144 http://securityreason.com/securityalert/8293 http://www.securityfocus.com/bid/44652 http://www.securitytracker.com/id& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 93%CPEs: 4EXPL: 0

Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability." Desbordamiento de entero en Microsoft PowerPoint 2002 SP3 y 2003 SP3, PowerPoint Viewer SP2, y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección a través de un documento PowerPoint manipulado, también conocida como "Vulnerabilidad de desbordamiento de entero en PowerPoint causeante de corrupción de pila" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Powerpoint 2003. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the application trusting a value defined within a file. This value will have some arithmetic performed on it, and subsequently be used as a counter for a processing loop. By modifying this value, an attacker can reliably corrupt memory. • http://www.us-cert.gov/cas/techalerts/TA10-313A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12122 • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 93%CPEs: 8EXPL: 0

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Drawing Exception Handling Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011, y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar código de su elección a través de documentos Office manipulados que provoca una corrupción de memoria, también conocido como "Drawing Exception Handling Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application frees resources when parsing a malformed Office Art record. Due to the application not properly freeing up resources during handling a parsing error, the application will later access the freed reference which can lead to code execution under the context of the application. • http://secunia.com/advisories/38521 http://secunia.com/advisories/42144 http://www.securityfocus.com/bid/44659 http://www.securitytracker.com/id?1024705 http://www.us-cert.gov/cas/techalerts/TA10-313A.html http://www.vupen.com/english/advisories/2010/2923 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-087 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11739 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 90%CPEs: 12EXPL: 0

Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, y 2010; Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Office Compatibility Pack for Word, Excel, y PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; y Word Web App permite a atacantes remotos ejecutar código de su elección a través de documentos Word manipulado, también conocido como "Word Stack Overflow Vulnerability". • http://www.securityfocus.com/archive/1/514302/100/0/threaded http://www.us-cert.gov/cas/techalerts/TA10-285A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-079 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7322 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •