CVSS: 5.1EPSS: 43%CPEs: 6EXPL: 0CVE-2006-0031
https://notcve.org/view.php?id=CVE-2006-0031
Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html http://secunia.com/advisories/19138 http://secunia.com/advisories/19238 http://securityreason.com/securityalert/589 http://securitytracker.com/id?1015766 http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm http://www.kb.cert.org/vuls/id/104302 http://www.osvdb.org/23902 http://www.securityfocus.com/archive/1/427699/100/0/threaded http://www.securityfocus.com/bid/17101 http://www.us-cert.g • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.1EPSS: 47%CPEs: 13EXPL: 0CVE-2006-0009
https://notcve.org/view.php?id=CVE-2006-0009
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. • http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html http://blogs.securiteam.com/?author=28 http://blogs.securiteam.com/?p=557 http://blogs.securiteam.com/?p=559 http://isc.sans.org/diary.php?storyid=1618 http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html http://secunia.com/advisories/19138 http://secunia.com/advisories/19238 http://securitytracker.com/id? •
CVSS: 5.1EPSS: 95%CPEs: 11EXPL: 0CVE-2006-0028 – Microsoft Excel File Format Parsing Vulnerability
https://notcve.org/view.php?id=CVE-2006-0028
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. During the processing of malformed BOOLERR records, user-supplied data may be insecurely referenced thereby leading to the eventual execution of arbitrary code. • http://secunia.com/advisories/19138 http://secunia.com/advisories/19238 http://securityreason.com/securityalert/583 http://securitytracker.com/id?1015766 http://support.avaya.com/elmodocs2/security/ASA-2006-069.htm http://www.kb.cert.org/vuls/id/339878 http://www.osvdb.org/23899 http://www.securityfocus.com/archive/1/427632/100/0/threaded http://www.us-cert.gov/cas/techalerts/TA06-073A.html http://www.vupen.com/english/advisories/2006/0950 http://www.zerodayinitiativ •
CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0CVE-2006-0002
https://notcve.org/view.php?id=CVE-2006-0002
Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 http://securityreason.com/securityalert/330 http://securityreason.com/securityalert/331 http://securitytracker.com/id?1015460 http://securitytracker.com/id?1015461 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.kb.cert.org/vuls/id/252146 http://www.securityfocus.com/archive/1/421518/100/0/threaded http://www.securityfocus.com/archive/1/421520/100/0/threaded http://www.securityfocus.com/bid/16197 http://www.us- •
CVSS: 7.5EPSS: 61%CPEs: 41EXPL: 3CVE-2005-2127 – Microsoft Visual Studio .NET - 'msdds.dll' Remote Code Execution
https://notcve.org/view.php?id=CVE-2005-2127
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability." • https://www.exploit-db.com/exploits/26167 http://isc.sans.org/diary.php?date=2005-08-18 http://secunia.com/advisories/16480 http://secunia.com/advisories/17172 http://secunia.com/advisories/17223 http://secunia.com/advisories/17509 http://securityreason.com/securityalert/72 http://securitytracker.com/id?1014727 http://support.avaya.com/elmodocs2/security/ASA-2005-214.pdf http://www.kb.cert.org/vuls/id/740372 http://www.kb.cert.org/vuls/id/898241 http://www& • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •