Page 23 of 130 results (0.015 seconds)

CVSS: 9.3EPSS: 77%CPEs: 11EXPL: 0

CVE-2007-0028

https://notcve.org/view.php?id=CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 para Mac y Office v.X para Mac no maneja apropiadamente ciertos códigos de operación, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo XLS especialmente diseñado, lo que resulta en un "Improper Memory Access Vulnerabilityā€¯. NOTA: una divulgación temprana de este problema usó CVE-2006-3432, pero sólo CVE-2007-0028 debe ser usado. • http://secunia.com/advisories/23676 http://securitytracker.com/id?1017485 http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-30.html http://www.fortinet.com/FortiGuardCenter/advisory/FGA-2007-01.html http://www.kb.cert.org/vuls/id/493185 http://www.osvdb.org/31249 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21952 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 92%CPEs: 11EXPL: 0

CVE-2007-0027

https://notcve.org/view.php?id=CVE-2007-0027

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a atacantes remotos ejecutar código de su elección mediante registros IMDATA mal formados que provocan una corrupción de memoria. • http://securitytracker.com/id?1017487 http://www.kb.cert.org/vuls/id/749964 http://www.osvdb.org/31255 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21856 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0103 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11 •

CVSS: 5.1EPSS: 61%CPEs: 6EXPL: 0

CVE-2006-3875

https://notcve.org/view.php?id=CVE-2006-3875

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867. Vulnerabilidad no especificada en Microsoft Excel 2000, 2002, 2003, 2004 para Mac, v.X para Mac, y Excel Viewer 2003 permite a atacantes con la complicidad del usuario ejecutar código de su elección mediante un registro COLINFO artesanal en un fichero XLS, una vulnerabilidad diferente que CVE-2006-2387 y CVE-2006-3867. • http://securitytracker.com/id?1017031 http://www.kb.cert.org/vuls/id/252500 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20391 http://www.vupen.com/english/advisories/2006/3978 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A486 •

CVSS: 5.1EPSS: 61%CPEs: 6EXPL: 0

CVE-2006-3867

https://notcve.org/view.php?id=CVE-2006-3867

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875. Vulnerabilidad no especificada en Microsoft Excel 2000, 2002, 2003, 2004 para Mac, v.X para Mac, y Excel Viewer 2003 permite a atacantes con la complicidad del usuario ejecutar código de su elección mediante un fichero Lotus 1-2-3 artesanal, una vulnerabilidad diferente que CVE-2006-2387 y CVE-2006-3875. • http://securitytracker.com/id?1017031 http://www.kb.cert.org/vuls/id/821772 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20345 http://www.vupen.com/english/advisories/2006/3978 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-059 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A481 •

CVSS: 9.3EPSS: 8%CPEs: 35EXPL: 0

CVE-2006-3877

https://notcve.org/view.php?id=CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. Vulnerabilidad no especificada en PowerPoint en Microsoft Office 2000, Office 2002, Office 2003, Office 2004 para Mac, y Office v.X para Mac permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un "fichero artesanal" no especificado, una vulnerabilidad diferente que CVE-2006-3435, CVE-2006-4694, y CVE-2006-3876. • http://securitytracker.com/id?1017030 http://www.kb.cert.org/vuls/id/205948 http://www.osvdb.org/29448 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20325 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2006/3977 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 https& • CWE-94: Improper Control of Generation of Code ('Code Injection') •