CVSS: 9.3EPSS: 54%CPEs: 14EXPL: 0CVE-2006-3435 – Microsoft PowerPoint Malformed Slide Notes Rebuilding Vulnerability
https://notcve.org/view.php?id=CVE-2006-3435
10 Oct 2006 — PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694. PowerPoint en Microsoft Office 2000, XP, 2003, 2004 para Mac, y v.X para Mac no ana... • http://securitytracker.com/id?1017030 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 52%CPEs: 16EXPL: 0CVE-2006-3650 – Microsoft Word Malformed Chart Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-3650
10 Oct 2006 — Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868. Microsoft Office 2000, XP, 2003, 2004 para Mac, y v.X para Mac no analiza adecuadamente la longitud de un regis... • http://secunia.com/advisories/22339 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 69%CPEs: 15EXPL: 3CVE-2006-1540 – Microsoft Office Products - Array Index Bounds Error (PoC)
https://notcve.org/view.php?id=CVE-2006-1540
30 Mar 2006 — MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw d... • https://www.exploit-db.com/exploits/1615 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 60%CPEs: 13EXPL: 0CVE-2006-0009
https://notcve.org/view.php?id=CVE-2006-0009
14 Mar 2006 — Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. • http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html •
CVSS: 7.8EPSS: 40%CPEs: 11EXPL: 0CVE-2006-0029
https://notcve.org/view.php?id=CVE-2006-0029
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. • http://secunia.com/advisories/19138 •
CVSS: 7.8EPSS: 59%CPEs: 11EXPL: 1CVE-2006-0030 – Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
https://notcve.org/view.php?id=CVE-2006-0030
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. • https://www.exploit-db.com/exploits/27055 •
CVSS: 7.8EPSS: 56%CPEs: 6EXPL: 0CVE-2006-0031
https://notcve.org/view.php?id=CVE-2006-0031
14 Mar 2006 — Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 51%CPEs: 11EXPL: 0CVE-2006-0028 – Microsoft Excel File Format Parsing Vulnerability
https://notcve.org/view.php?id=CVE-2006-0028
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .... • http://secunia.com/advisories/19138 •
CVSS: 8.8EPSS: 49%CPEs: 7EXPL: 0CVE-2004-0846
https://notcve.org/view.php?id=CVE-2004-0846
16 Oct 2004 — Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. Vulnerabilidad desconocida en Microsoft Excel 2000, 2002, 2001 para Mac y v.X para Mac permite a atacantes remotos ejecutar código de su elección mediante un fichero malicioso conteniendo ciertos parámetros que no son validados adecuadamente. • http://marc.info/?l=bugtraq&m=109779810827096&w=2 •
CVSS: 8.8EPSS: 22%CPEs: 15EXPL: 0CVE-2002-0152
https://notcve.org/view.php?id=CVE-2002-0152
22 Apr 2002 — Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh. Desbordamiento de buffer en varias aplicaciones de Microsoft para Macintosht permite a atacantes remotos causar una denegac... • http://marc.info/?l=bugtraq&m=101897994314015&w=2 •