Page 3 of 33 results (0.009 seconds)

CVSS: 6.8EPSS: 14%CPEs: 2EXPL: 3

Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters. • https://www.exploit-db.com/exploits/27620 http://secunia.com/advisories/19623 http://securityreason.com/securityalert/704 http://securitytracker.com/id?1015895 http://securitytracker.com/id?1015896 http://www.argeniss.com/research/ARGENISS-ADV-040602.txt http://www.securityfocus.com/archive/1/430803/100/0/threaded http://www.securityfocus.com/bid/17452 http://www.vupen.com/english/advisories/2006/1322 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-017 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 2

Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page. • http://securitytracker.com/id?1014352 http://www.freewebs.com/xxosfilexx/HungFPage.html •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 2

asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values. • http://www.securityfocus.com/archive/1/378431 http://www.securityfocus.com/archive/1/378619 http://www.securityfocus.com/bid/11412 •

CVSS: 9.3EPSS: 95%CPEs: 43EXPL: 6

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •

CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. Desbordamiento de búfer en el convertidor de Microsoft WordPerfect 5.x en Office 2000, Office XP, Offiece 2003 y las suites Works 2001 a 2004 permite a atacantes remotos ejecutar código de su elección mediante un documento o un sitio web malicioso. • http://marc.info/?l=bugtraq&m=109519646030906&w=2 http://secunia.com/advisories/12529 http://securitytracker.com/id?1011249 http://securitytracker.com/id?1011250 http://securitytracker.com/id?1011251 http://securitytracker.com/id? •