Page 15 of 147 results (0.006 seconds)

CVSS: 9.3EPSS: 82%CPEs: 7EXPL: 1

CVE-2008-0111 – Microsoft Excel - Code Execution (MS08-014)

https://notcve.org/view.php?id=CVE-2008-0111

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." Vulnerabilidad no especificada en Microsoft Excel 2000 SP3 a 2007, Viewer 2003, Compatibility Pack, y Office 2004 para Mac permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante registros de validación de datos manipulados, también conocido como "Vulnerabilidad de Registro de Validación de Datos en Excel." • https://www.exploit-db.com/exploits/5287 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://www.securityfocus.com/bid/28094 http://www.securitytracker.com/id?1019582 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0846/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5114 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 95%CPEs: 4EXPL: 2

CVE-2008-0118 – Microsoft Office 2000/2003/2004/XP - File Memory Corruption

https://notcve.org/view.php?id=CVE-2008-0118

Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad no especificada en Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 hasta SP3, y Office 2004 para Mac permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante documento Office manipulado que dispara una corrupción de memoria por un error de asignación (allocation error), también conocido como "Vulnerabilidad de Corrupción de Memoria en Microsoft Office (Microsoft Office Memory Corruption Vulnerability)." • https://www.exploit-db.com/exploits/31361 https://www.exploit-db.com/exploits/5320 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29321 http://www.securityfocus.com/bid/28146 http://www.securitytracker.com/id?1019578 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0848/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016 https://oval.cisecurity.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 0

CVE-2007-1201

https://notcve.org/view.php?id=CVE-2007-1201

Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." Vulnerabilidad no especificada en determinados objetos COM de Microsoft Office Web Components 2000 permite a atacantes remotos con la complicidad del usuario ejecutar códigode su elección mediante vectores relativos a DataSource que disparan una corrupción de memoria, también conocido como "Vulnerabilidad en Office Web Components DataSource." • http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29328 http://www.securityfocus.com/bid/28136 http://www.securitytracker.com/id?1019581 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0849/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5327 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 74%CPEs: 5EXPL: 0

CVE-2008-0110

https://notcve.org/view.php?id=CVE-2008-0110

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. Vulnerabilidad no especificada de Microsoft Outlook en Office 2000 SP3, XP SP3, 2003 SP2 y Sp3, y sistemas Office permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante la modificación de un mailto URI. • http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29320 http://www.kb.cert.org/vuls/id/393305 http://www.securityfocus.com/bid/28147 http://www.securitytracker.com/id?1019579 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0847/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 84%CPEs: 7EXPL: 1

CVE-2008-0115 – Microsoft Excel - Code Execution (MS08-014)

https://notcve.org/view.php?id=CVE-2008-0115

Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability." Vulnerabilidad no especificada en Microsoft Excel 2000 SP3 hasta 2007, Viewer 2003, Pack de compatibilidad (Compatibility Pack), and Office para Mac 2004 permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante formulas mal formadas, también conocido como "Vulnerabilidad de análisis sintáctico de formulas" (Excel Formula Parsing Vulnerability). • https://www.exploit-db.com/exploits/5287 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://www.securityfocus.com/bid/28167 http://www.securitytracker.com/id?1019585 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0846/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5512 • CWE-94: Improper Control of Generation of Code ('Code Injection') •