CVE-2009-1533
https://notcve.org/view.php?id=CVE-2009-1533
Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buffer Overflow Vulnerability." Desbordamiento de búfer en los conversores de documentos Works para Windows en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, y Works v8.5 y v9 permite a atacantes remotos ejecutar código arbitrario a través de un archivo .wps elaborado que provoca la corrupción de memoria , también conocido como "Vulnerabilidad de desbordamiento de buffer en el conversor de ficheros". • http://blogs.technet.com/srd/archive/2009/06/09/ms09-024.aspx http://jvn.jp/en/jp/JVN70858401/index.html http://osvdb.org/54939 http://secunia.com/advisories/35371 http://www.securityfocus.com/bid/35184 http://www.securitytracker.com/id?1022354 http://www.securitytracker.com/id?1022355 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1543 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09- • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2009-0563 – Microsoft Office Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0563
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability." Un desbordamiento de búfer en la región stack de la memoria en Office Word 2002 SP3, 2003 SP3 y 2007 SP1 y SP2 de Microsoft; Office para Mac 2004 y 2008 de Microsoft; Open XML File Format Converter para Mac; Office Word Viewer 2003 SP3 de Microsoft; Office Word Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007 SP1 y SP2 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un documento de Word con una etiqueta diseñada que contiene un campo de longitud no válido, también se conoce como "Word Buffer Overflow Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page, open a malicious e-mail, or open a malicious file. The specific flaw exists within the parsing of vulnerable tags inside a Microsoft Word document. Microsoft Word trusts a length field read from the file which is used to read file contents into a buffer allocated on the stack. • http://osvdb.org/54959 http://www.securityfocus.com/archive/1/504204/100/0/threaded http://www.securityfocus.com/bid/35188 http://www.securitytracker.com/id?1022356 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1546 http://www.zerodayinitiative.com/advisories/ZDI-09-035 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-027 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-787: Out-of-bounds Write •
CVE-2009-1134 – Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1134
Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability." Excel en 2007 Office System SP1 y SP2 de Microsoft; Office Excel Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007 SP1 y SP2 de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo BIFF con un objeto de registro Qsir (0x806) malformado, también se conoce como "Record Pointer Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires user interaction in that a victim must open a malicious XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. When Excel 2007 encounters a malformed Qsir record (0x806) user data is improperly handled leading to potential code execution. • http://osvdb.org/54958 http://www.securityfocus.com/archive/1/504213/100/0/threaded http://www.securityfocus.com/bid/35246 http://www.securitytracker.com/id?1022351 http://www.us-cert.gov/cas/techalerts/TA09-160A.html http://www.vupen.com/english/advisories/2009/1540 http://www.zerodayinitiative.com/advisories/ZDI-09-040 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-021 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-1128
https://notcve.org/view.php?id=CVE-2009-1128
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 95 native file format, leading to memory corruption, aka "PP7 Memory Corruption Vulnerability," a different vulnerability than CVE-2009-1129. Microsoft Office PowerPoint 2000 SP3, 2002 SP3, y 2003 SP permite a atacantes remotos ejecutar código de su eleccióna través de datos de sonido manipulados en un fichero que utiliza un formato de fichero nativo en PowerPoint 95, que lleva a una corrupción de memoria, también conocido como "Vulnerabilidad de corrupción de memoria PP7" una vulnerabilidad diferente a CVE-2009-1129. • http://secunia.com/advisories/32428 http://www.securityfocus.com/bid/34837 http://www.securitytracker.com/id?1022205 http://www.us-cert.gov/cas/techalerts/TA09-132A.html http://www.vupen.com/english/advisories/2009/1290 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5416 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2009-0223
https://notcve.org/view.php?id=CVE-2009-0223
Microsoft Office PowerPoint 2000 SP3, 2002 SP3, and 2003 SP3 allows remote attackers to execute arbitrary code via crafted sound data in a file that uses a PowerPoint 4.0 native file format, leading to memory corruption, aka "Legacy File Format Vulnerability," a different vulnerability than CVE-2009-0222, CVE-2009-0226, CVE-2009-0227, and CVE-2009-1137. Microsoft Office PowerPoint 2000 SP3, 2002 SP3, ay 2003 SP3 permite a atacantes remotos ejecutar código de su elección a través de datos de sonido manipulados en un fichero que utiliza un formato de fichero nativo en PowerPoint 4.0, que lleva a una corrupción de memoria, también conocido como "Vulnerabilidad de formato de fichero legado" una vulnerabilidad diferente a CVE-2009-0222, CVE-2009-0226, CVE-2009-0227, y CVE-2009-1137. • http://secunia.com/advisories/32428 http://www.securityfocus.com/bid/34834 http://www.securitytracker.com/id?1022205 http://www.us-cert.gov/cas/techalerts/TA09-132A.html http://www.vupen.com/english/advisories/2009/1290 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6269 • CWE-94: Improper Control of Generation of Code ('Code Injection') •