CVSS: 9.3EPSS: 66%CPEs: 12EXPL: 0CVE-2009-0088
https://notcve.org/view.php?id=CVE-2009-0088
15 Apr 2009 — The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability." El conversor WordPerfect 6.x en Microsoft Office Word 2000 SP3 y Microsoft Office Co... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782 • CWE-20: Improper Input Validation •
CVSS: 7.5EPSS: 27%CPEs: 21EXPL: 0CVE-2008-0085
https://notcve.org/view.php?id=CVE-2008-0085
08 Jul 2008 — SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 does not initialize memory pages when reallocating memory, which allows database operators to obtain sensitive information (database contents) via unknown vectors related to memory page reuse. SQL Server versiones 7.0 SP4, 2000 SP4, 2005 SP1 y SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2... • http://secunia.com/advisories/30970 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.0EPSS: 57%CPEs: 25EXPL: 0CVE-2008-0107
https://notcve.org/view.php?id=CVE-2008-0107
08 Jul 2008 — Integer underflow in SQL Server 7.0 SP4, 2000 SP4, 2005 SP1 and SP2, 2000 Desktop Engine (MSDE 2000) SP4, 2005 Express Edition SP1 and SP2, and 2000 Desktop Engine (WMSDE); Microsoft Data Engine (MSDE) 1.0 SP4; and Internal Database (WYukon) SP2 allows remote authenticated users to execute arbitrary code via a (1) SMB or (2) WebDAV pathname for an on-disk file (aka stored backup file) with a crafted record size value, which triggers a heap-based buffer overflow, aka "SQL Server Memory Corruption Vulnerabili... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=723 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 63%CPEs: 9EXPL: 0CVE-2008-1092
https://notcve.org/view.php?id=CVE-2008-1092
25 Mar 2008 — Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026. Un desbordamiento de búfer en la biblioteca msjet40.dll anterior a la versión 4.0.9505.0 en el Motor de Base de datos de Microsoft Jet permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de Word ... • http://marc.info/?l=bugtraq&m=121129490723574&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.4EPSS: 19%CPEs: 21EXPL: 0CVE-2007-5355
https://notcve.org/view.php?id=CVE-2007-5355
05 Dec 2007 — The Web Proxy Auto-Discovery (WPAD) feature in Microsoft Internet Explorer 6 and 7, when a primary DNS suffix with three or more components is configured, resolves an unqualified wpad hostname in a second-level domain outside this configured DNS domain, which allows remote WPAD servers to conduct man-in-the-middle (MITM) attacks. La característica Web Proxy Auto-Discovery en Microsoft Internet Explorer 6 y 7, cuando un sufijo de DNS primario con tres o más componentes es configurado, resuelve nombre de host... • http://secunia.com/advisories/27901 •
CVSS: 9.8EPSS: 27%CPEs: 3EXPL: 0CVE-2007-1692
https://notcve.org/view.php?id=CVE-2007-1692
26 Mar 2007 — The default configuration of Microsoft Windows uses the Web Proxy Autodiscovery Protocol (WPAD) without static WPAD entries, which might allow remote attackers to intercept web traffic by registering a proxy server using WINS or DNS, then responding to WPAD requests, as demonstrated using Internet Explorer. NOTE: it could be argued that if an attacker already has control over WINS/DNS, then web traffic could already be intercepted by modifying WINS or DNS records, so this would not cross privilege boundarie... • http://archives.neohapsis.com/archives/isn/2007-q1/0418.html • CWE-16: Configuration •
CVSS: 9.3EPSS: 35%CPEs: 6EXPL: 0CVE-2007-0025
https://notcve.org/view.php?id=CVE-2007-0025
13 Feb 2007 — The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll. El componente MFC en Microsoft Windows 2000 SP4, XP SP2 y 2003 SP1 y Visual Studio .NET 2000, 2002 SP1, 2003 y 2003 SP1 permite a atacant... • http://secunia.com/advisories/24150 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 58%CPEs: 8EXPL: 0CVE-2007-0214
https://notcve.org/view.php?id=CVE-2007-0214
13 Feb 2007 — The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters. El control HTML Help ActiveX (Hhctrl.ocx) en Microsoft Windows 2000 SP3, XP SP2 y Professional, 2003 SP1 permite a atacantes remotos ejecutar código de su elección mediante funciones no especificadas, relacionado con parámetros no inicializados. • http://secunia.com/advisories/24136 •
CVSS: 9.3EPSS: 68%CPEs: 10EXPL: 0CVE-2006-1311
https://notcve.org/view.php?id=CVE-2006-1311
13 Feb 2007 — The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. El componente RichEdit en Microsoft Windows 2000 SP4, XP SP2, y 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, y Office 2004 para Mac; y Learning Essentials para Microsoft Of... • http://secunia.com/advisories/24152 •
CVSS: 10.0EPSS: 67%CPEs: 3EXPL: 0CVE-2006-5583
https://notcve.org/view.php?id=CVE-2006-5583
12 Dec 2006 — Buffer overflow in the SNMP Service in Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1, and possibly other versions allows remote attackers to execute arbitrary code via a crafted SNMP packet, aka "SNMP Memory Corruption Vulnerability." Desbordamiento de búfer en el SNMP Service de Microsoft Windows 2000 SP4, XP SP2, Server 2003, Server 2003 SP1 y, posiblemente, otras versiones, permite a atacantes remotos ejecutar código de su elección a través de paquetes SNMP modificados, también conocid... • http://secunia.com/advisories/23307 •