CVSS: 9.3EPSS: 49%CPEs: 3EXPL: 0CVE-2011-0107
https://notcve.org/view.php?id=CVE-2011-0107
13 Apr 2011 — Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Office Component Insecure Library Loading Vulnerability." Vulnerabilidad de búsqueda de ruta no confiable en Microsoft Office XP SP3, Office 2003 SP3 y Office 2007 SP2 permite a usuarios locales conseguir privilegios a través de un troyano DLL en el di... • http://osvdb.org/71767 •
CVSS: 9.3EPSS: 59%CPEs: 3EXPL: 0CVE-2010-3945
https://notcve.org/view.php?id=CVE-2010-3945
16 Dec 2010 — Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability." Desbordamiento del búfer en el convertidor de imágenes CGM de los filtros gráficos de Microsoft Office XP SP3, Office 2003 SP3, y Office Converter Pack permite a atacantes remotos ejecutar código de su elección mediante u... • http://www.securitytracker.com/id?1024887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 3EXPL: 0CVE-2010-3946
https://notcve.org/view.php?id=CVE-2010-3946
16 Dec 2010 — Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability." Desbordamiento de enteros en el convertidor de imágenes PICT en los filtros de gráficos en Microsoft Office XP SP3, Office 2003 SP3 y Office Converter Pack permite a atacantes remotos ejecutar código arbitrario a tr... • http://www.securitytracker.com/id?1024887 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 6CVE-2010-3333 – Microsoft Office Stack-based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-3333
10 Nov 2010 — Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011 y Open XML File Format Converter... • https://www.exploit-db.com/exploits/18334 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 64%CPEs: 8EXPL: 0CVE-2010-3334
https://notcve.org/view.php?id=CVE-2010-3334
10 Nov 2010 — Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac... • http://secunia.com/advisories/38521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 66%CPEs: 5EXPL: 0CVE-2010-3336
https://notcve.org/view.php?id=CVE-2010-3336
10 Nov 2010 — Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "MSO Large SPID Read AV Vulnerability." Microsoft Office XP SP3, Office 2004 y 2008 para Mac, Office para Mac 2011, y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar código de su elección a través de un documento Office manipulado que provoca una c... • http://secunia.com/advisories/38521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 66%CPEs: 8EXPL: 0CVE-2010-3335 – Microsoft Excel MSODrawing Improper Exception Handling Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3335
09 Nov 2010 — Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Drawing Exception Handling Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011, y Open XML File Format Converter para Mac permite a atacantes r... • http://secunia.com/advisories/38521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 28%CPEs: 17EXPL: 1CVE-2010-2738 – Microsoft Unicode Scripts Processor - Remote Code Execution (MS10-063)
https://notcve.org/view.php?id=CVE-2010-2738
15 Sep 2010 — The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) Office document, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability." La implementación Uniscribe... • https://www.exploit-db.com/exploits/15158 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 83%CPEs: 8EXPL: 2CVE-2010-0266 – Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045)
https://notcve.org/view.php?id=CVE-2010-0266
14 Jul 2010 — Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." Microsoft Office Outlook 2002 SP3, 2003 SP3, y 2007 SP1 y SP2 no verifica correctamente adjuntos en correo electrónico con un valor adecuado PR_ATTACH_METHOD de ATTACH_BY_REFERENCE, el cual pe... • https://www.exploit-db.com/exploits/16700 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 48%CPEs: 4EXPL: 0CVE-2010-1263
https://notcve.org/view.php?id=CVE-2010-1263
08 Jun 2010 — Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability." Vulnerabilidad no especificada en Microsoft Office XP SP3, Office 2003 SP3 y 2007 SP1 y SP2 per... • http://www.securityfocus.com/bid/40574 • CWE-94: Improper Control of Generation of Code ('Code Injection') •