Page 14 of 132 results (0.009 seconds)

CVSS: 6.8EPSS: 97%CPEs: 3EXPL: 3

The Microsoft Office Snapshot Viewer ActiveX control in snapview.ocx 10.0.5529.0, as distributed in the standalone Snapshot Viewer and Microsoft Office Access 2000 through 2003, allows remote attackers to download arbitrary files to a client machine via a crafted HTML document or e-mail message, probably involving use of the SnapshotPath and CompressedPath properties and the PrintSnapshot method. NOTE: this can be leveraged for code execution by writing to a Startup folder. El control ActiveX Microsoft Office Snapshot Viewer en snapview.ocx, distribuido en Snapshot Viewer and Microsoft Office Access 2000 through 2003, permite a atacantes remotos descargar archivos de su elección a un equipo cliente a través de un documento HTML o mensaje de correo manipulados. NOTA: esto puede ser aprovechado para ejecutar código si se escribe la carpeta de inicio (StartUp). • https://www.exploit-db.com/exploits/6124 https://www.exploit-db.com/exploits/16605 http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/30883 http://www.exploit-db.com/exploits/6124 http://www.kb.cert.org/vuls/id/837785 http://www.microsoft.com/technet/security/advisory/955179.mspx http://www.securityfocus.com/bid/30114 http://www.securitytracker.com/id?1020433 http://www.us-cert.gov/cas/techalerts/TA08-189A.html http://www.us • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 69%CPEs: 6EXPL: 0

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability." Vulnerabilidad sin especificar en Microsoft publisher en Office XP SP3, 2003 SP2 y SP3 y 2007 SP1 y anteriores, permite a atacantes remotos ejecutar código de su elección a través de un fichero publisher con datos en el objeto de cabecera manipulados lo que provoca una corrupción de memoria, también conocido como "Vulnerabilidad en la validación del manejo del objeto"· • http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://secunia.com/advisories/30150 http://www.securityfocus.com/archive/1/492073/100/0/threaded http://www.securityfocus.com/bid/29158 http://www.securitytracker.com/id?1020015 http://www.us-cert.gov/cas/techalerts/TA08-134A.html http://www.vupen.com/english/advisories/2008/1505/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-027 https://oval.cisecurity.org/repository/search/definition/ • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 76%CPEs: 12EXPL: 0

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling error" that triggers memory corruption. Una vulnerabilidad de uso de la memoria previamente liberada en Microsoft Word en Office 2000 y XP SP3, 2003 SP2 y SP3, y 2007 Office System SP1 y anteriores, permite a atacantes remotos ejecutar código arbitrario por medio de un documento HTML con un gran número de Cascading Style Sheets (CSS), relacionado con un "memory handling error" que desencadena una corrupción de memoria. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=700 http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://secunia.com/advisories/30143 http://www.securityfocus.com/bid/29105 http://www.securitytracker.com/id?1020014 http://www.us-cert.gov/cas/techalerts/TA08-134A.html http://www.vupen.com/english/advisories/2008/1504/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-026 https://oval.cisecurity.org/repository/search/definit • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 72%CPEs: 12EXPL: 0

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based buffer overflow, aka "Object Parsing Vulnerability." Vulnerabilidad no especificada de Microsoft Word en Office 2000 y XP SP3, 2003 SP2 y SP3, y 2007 Office System SP1 y anteriores, permite a atacantes remotos ejecutar código arbitrariamente a través de un archivo de Formato de Texto Enriquecido (.rtf) con una cadena mal formada que provoca un “error de cálculo en memoria” y un desbordamiento de búfer basado en el montículo (heap), también conocido como “Vulnerabilidad de análisis sintáctico de Objeto.” This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious email, or open a malicious file. The specific flaw exists when parsing malformed RTF documents. When processing a combination of RTF tags a heap overflow occurs. • http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://secunia.com/advisories/30143 http://www.kb.cert.org/vuls/id/543907 http://www.securityfocus.com/archive/1/492020/100/0/threaded http://www.securityfocus.com/bid/29104 http://www.securitytracker.com/id?1020013 http://www.us-cert.gov/cas/techalerts/TA08-134A.html http://www.vupen.com/english/advisories/2008/1504/references http://www.zerodayinitiative.com/advisories/ZDI-08-023 https://docs.microsoft.com/en-u • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 75%CPEs: 10EXPL: 0

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability." Vulnerabilidad sin especificar en Microsoft Visio 2002 SP2, 2003 SP2 y SP3, y 2007 SP1, permite a atacantes asistidos por el usuario ejecutar código de su elección a través de un archivo Visio que contiene datos del objeto de cabecera manipulados, también conocida como "Vulnerabilidad de Objeto de Cabecera de Visio". • http://marc.info/?l=bugtraq&m=120845064910729&w=2 http://secunia.com/advisories/29691 http://www.securityfocus.com/bid/28555 http://www.securitytracker.com/id?1019804 http://www.us-cert.gov/cas/techalerts/TA08-099A.html http://www.vupen.com/english/advisories/2008/1143/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-019 https://exchange.xforce.ibmcloud.com/vulnerabilities/41451 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg. • CWE-94: Improper Control of Generation of Code ('Code Injection') •