Page 3 of 32 results (0.012 seconds)

CVSS: 9.3EPSS: 93%CPEs: 6EXPL: 0

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." Un desbordamiento de búfer en la funcionalidad Advanced Search (Finder.exe) de Microsoft Outlook 2000, 2002 y 2003, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo Outlook Saved Searches (OSS) que desencadena daños en la memoria , también se conoce como "Microsoft Outlook Advanced Find Vulnerabilityā€¯. • http://secunia.com/advisories/23674 http://securitytracker.com/id?1017488 http://www.computerterrorism.com/research/ct09-01-2007.htm http://www.kb.cert.org/vuls/id/271860 http://www.osvdb.org/31254 http://www.securityfocus.com/archive/1/456589/100/0/threaded http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21936 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0104 http • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 30%CPEs: 6EXPL: 0

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers. Microsoft Outlook 2000, 2002, y 2003 permite a atacantes remotos con la implicación del usuario provocar una denegación de servicio (consumo de memoria e interrupción de recuperación de correo) mediante información de cabecera mal-formada, posiblemente relacionado con (1)lineas de asunto largas o (2)gran número de recipientes en las cabeceras To o CC. • http://blogs.securiteam.com/index.php/archives/347 http://linuxbox.org/pipermail/funsec/2006-March/005208.html http://osvdb.org/ref/24/24081-outlook1.txt http://secunia.com/advisories/23674 http://securitytracker.com/id?1017488 http://www.kb.cert.org/vuls/id/617436 http://www.osvdb.org/31253 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21937 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.v • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 8%CPEs: 35EXPL: 0

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. Vulnerabilidad no especificada en PowerPoint en Microsoft Office 2000, Office 2002, Office 2003, Office 2004 para Mac, y Office v.X para Mac permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un "fichero artesanal" no especificado, una vulnerabilidad diferente que CVE-2006-3435, CVE-2006-4694, y CVE-2006-3876. • http://securitytracker.com/id?1017030 http://www.kb.cert.org/vuls/id/205948 http://www.osvdb.org/29448 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20325 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2006/3977 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 https& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to message length validation. • http://secunia.com/advisories/18368 http://securityreason.com/securityalert/330 http://securityreason.com/securityalert/331 http://securitytracker.com/id?1015460 http://securitytracker.com/id?1015461 http://support.avaya.com/elmodocs2/security/ASA-2006-004.htm http://www.kb.cert.org/vuls/id/252146 http://www.securityfocus.com/archive/1/421518/100/0/threaded http://www.securityfocus.com/archive/1/421520/100/0/threaded http://www.securityfocus.com/bid/16197 http://www.us- •

CVSS: 5.0EPSS: 4%CPEs: 2EXPL: 0

Microsoft Outlook 2000 and 2003, when configured to use Microsoft Word 2000 or 2003 as the e-mail editor and when forwarding e-mail, does not properly handle an opening OBJECT tag that does not have a closing OBJECT tag, which causes Outlook to automatically download the URI in the data property of the OBJECT tag and might allow remote attackers to execute arbitrary code. • http://secunia.com/advisories/12041 http://www.osvdb.org/7769 http://www.securityfocus.com/archive/1/368492 http://www.securityfocus.com/bid/10683 https://exchange.xforce.ibmcloud.com/vulnerabilities/16663 •