CVSS: 9.3EPSS: 61%CPEs: 13EXPL: 0CVE-2009-2496 – Microsoft Office OWC10.Spreadsheet ActiveX BorderAround() Heap Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-2496
11 Aug 2009 — Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 allows remote attackers to execute arbitrary code via unspecified parameters to unknown methods, aka "Office Web Components Heap Corruption Vulnerabili... • http://www.securitytracker.com/id?1022708 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 65%CPEs: 11EXPL: 0CVE-2009-0562 – Microsoft Office OWC10 ActiveX Control Loading and Unloading Heap Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-0562
11 Aug 2009 — The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 does not properly allocate memory, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger "system state" corruption, aka "Office Web Components... • http://www.securitytracker.com/id?1022708 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 59%CPEs: 16EXPL: 0CVE-2009-0549
https://notcve.org/view.php?id=CVE-2009-0549
10 Jun 2009 — Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Excel Viewer 2003 SP3 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Record Pointer Corruption Vulnerability." Excel en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, y Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; y Microsoft Office Excel Viewer 20... • http://osvdb.org/54952 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 86%CPEs: 11EXPL: 0CVE-2009-0557 – Microsoft Office Object Record Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-0557
10 Jun 2009 — Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Object Record Corruption Vulnerabil... • http://osvdb.org/54953 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 55%CPEs: 16EXPL: 0CVE-2009-0558
https://notcve.org/view.php?id=CVE-2009-0558
10 Jun 2009 — Array index error in Excel in Microsoft Office 2000 SP3 and Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac, allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Array Indexing Memory Corruption Vulnerability." Error de índice de matriz en Excel en Office 2000 SP3 y Office 2004 y 2008 para Mac, y Open XML File Format Converter para Mac, de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un ... • http://osvdb.org/54954 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 60%CPEs: 16EXPL: 0CVE-2009-0559
https://notcve.org/view.php?id=CVE-2009-0559
10 Jun 2009 — Stack-based buffer overflow in Excel in Microsoft Office 2000 SP3 and Office XP SP3 allows remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "String Copy Stack-Based Overrun Vulnerability." Desbordamiento de búfer basado en pila en Excel en Microsoft Office 2000 SP3 y Office XP SP3, permite a atacantes remotos ejecutar código de su elección a través de un archivo Excel con un objeto de registro mal formado, también conocido como "Vulnerabilidad String Co... • http://www.securityfocus.com/bid/35243 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 66%CPEs: 16EXPL: 0CVE-2009-0560
https://notcve.org/view.php?id=CVE-2009-0560
10 Jun 2009 — Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Field Sanitization Memory Corruptio... • http://osvdb.org/54956 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 16EXPL: 0CVE-2009-0561
https://notcve.org/view.php?id=CVE-2009-0561
10 Jun 2009 — Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Microsoft Office SharePoint Server 2007 SP1 and SP2 allows remote attackers to execute arbitrary code via an Excel file with ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=805 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 62%CPEs: 16EXPL: 0CVE-2009-1134 – Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1134
10 Jun 2009 — Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability." Excel en 2007 Office System SP1 y SP2 de Microsoft; Office Excel Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007... • http://osvdb.org/54958 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 72%CPEs: 12EXPL: 0CVE-2009-0563 – Microsoft Office Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0563
10 Jun 2009 — Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."... • http://osvdb.org/54959 • CWE-787: Out-of-bounds Write •