CVSS: 9.3EPSS: 77%CPEs: 18EXPL: 0CVE-2008-4265
https://notcve.org/view.php?id=CVE-2008-4265
10 Dec 2008 — Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability." Microsoft Office Excel 2000 SP3 permite a atacantes remotos ejecutar código de su elección mediante una hoja de cálculo manipulada que contiene un objeto malformado, lo que dispara una corrupción de memoria durante la carga de registros ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=763 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 49%CPEs: 19EXPL: 0CVE-2008-4025
https://notcve.org/view.php?id=CVE-2008-4025
10 Dec 2008 — Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via (1) an RTF file or (2) a rich text e-mail message containing an invalid number of points for a polyline or polygon, which triggers a heap-based... • http://secunia.com/secunia_research/2008-21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 76%CPEs: 18EXPL: 0CVE-2008-4264
https://notcve.org/view.php?id=CVE-2008-4264
10 Dec 2008 — Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Pars... • http://www.securityfocus.com/bid/32621 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 45%CPEs: 19EXPL: 0CVE-2008-4031
https://notcve.org/view.php?id=CVE-2008-4031
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a malformed string in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Par... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 17%CPEs: 8EXPL: 0CVE-2008-4266
https://notcve.org/view.php?id=CVE-2008-4266
10 Dec 2008 — Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an invalid index value, which triggers stack corruption, aka "Excel Global Array Memory Corruption Vulnerability." Microsoft Office Excel 2000 SP3, 2002 SP3 y 2003 SP3; Excel Viewer 2003 Gold y SP3; Office 2004 y 2... • http://secunia.com/secunia_research/2008-36 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 84%CPEs: 19EXPL: 0CVE-2008-4024
https://notcve.org/view.php?id=CVE-2008-4024
10 Dec 2008 — Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability." Microsoft Office Word 2000 SP3 y 2002 SP3 y Office 2004 para Mac permiten a los atacantes remotos ejecutar código arbitrario por medio de un documento de Word con un campo lcbPlcfBkfSdt c... • http://www.coresecurity.com/content/word-arbitrary-free • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 80%CPEs: 19EXPL: 0CVE-2008-4837 – Microsoft Office Word Document Table Property Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4837
09 Dec 2008 — Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed table property, which triggers memory corruption, aka "Word Memory Corruption Vulnerability." Desbordamiento de búfer en la región stack de la memoria en Micros... • http://www.securityfocus.com/archive/1/499064/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 83%CPEs: 19EXPL: 0CVE-2008-4027 – Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-4027
09 Dec 2008 — Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted (1) RTF file or (2) rich text e-mail message with multiple consecutive Drawing Object ("\do") tags, which triggers a "memory calculation error" and memory corruption, aka "W... • http://www.securityfocus.com/archive/1/499062/100/0/threaded • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 87%CPEs: 19EXPL: 0CVE-2008-4028 – Microsoft Office RTF Drawing Object Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4028
09 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via crafted control words related to multiple Drawing Object tags in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and ... • http://www.securityfocus.com/archive/1/499063/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 84%CPEs: 16EXPL: 0CVE-2008-4019 – Microsoft Office Excel REPT Formula Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4019
14 Oct 2008 — Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file containing a formula within a cell, aka "Formula Parsing Vulnerabili... • http://marc.info/?l=bugtraq&m=122479227205998&w=2 • CWE-190: Integer Overflow or Wraparound •