Page 32 of 241 results (0.028 seconds)

CVSS: 9.3EPSS: 95%CPEs: 9EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel File Format Memory Corruption Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 Gold y SP1; Office 2011 para Mac; Excel Viewer; y Office Compatibility Pack SP2 y SP3 no manejan correctamente memoria durante la apertura de ficheros, permitiendo a atacantes remotos ejecutar código arbitrario mediante una hoja de cálculo manipulada, también conocido como "Vulnerabilidad de corrupción de memoria en ficheros Excel" • http://secunia.com/advisories/49112 http://www.securityfocus.com/bid/53342 http://www.securitytracker.com/id?1027041 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15152 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 94%CPEs: 9EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel File Format Memory Corruption in OBJECTLINK Record Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 Gold y SP1; Office 2008 para Mac; Excel Viewer; y Office Compatibility Pack SP2 y SP3 no maneja correctamente la memoria durante la apertura de ficheros, permitiendo que atacantes remotos ejecuten codigo arbitrario mediante una hoja de calculo manipulada, también conocido como "Vulnerabilidad de corrupción de memoria en el registro OBJECTLINKE en un fichero de Excel" • http://secunia.com/advisories/49112 http://www.securityfocus.com/bid/53373 http://www.securitytracker.com/id?1027041 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15543 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 95%CPEs: 6EXPL: 0

Microsoft Word 2003 SP3 and 2007 SP2 and SP3, Office 2008 and 2011 for Mac, and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via crafted RTF data, aka "RTF Mismatch Vulnerability." Microsoft Word 2003 SP3 y 2007 SP2 y SP3, Office 2008 y 2011 para Mac, y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) mediante datos RTF manipulados, también conocido como "Vulnerabilidad RTF" This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of RTF files. The code responsible for lexing control words from the input file does not properly validate that all objects are properly defined. By removing terminating values within an RTF file an attacker can cause the program to re-use a freed object. • http://secunia.com/advisories/49111 http://www.securityfocus.com/bid/53344 http://www.securitytracker.com/id?1027035 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-029 https://exchange.xforce.ibmcloud.com/vulnerabilities/75122 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15327 •

CVSS: 9.3EPSS: 93%CPEs: 10EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SXLI Record Memory Corruption Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 Gold y SP1; Office 2008 y 2011 para Mac; Excel Viewer; y Office Compatibility Pack SP2 y SP3 no manejan correctamente la memoria durante la apertura de archivos, permitiendo a atacantes remotos ejecutar código arbitrario a través de una hoja de cálculo hecha a mano, también conocido como "Vulnerabilidad de corrupción de memoria en Excel SXLI Record" • http://secunia.com/advisories/49112 http://www.securityfocus.com/bid/53375 http://www.securitytracker.com/id?1027041 http://www.us-cert.gov/cas/techalerts/TA12-129A.html http://www.verisigninc.com/en_US/products-and-services/network-intelligence-availability/idefense/public-vulnerability-reports/articles/index.xhtml?id=982 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/75117 https://oval.cisecurity.org/repository/sea • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 94%CPEs: 10EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 Gold y SP1; Office 2008 y 2011 para Mac; Excel Viewer; y Office Compatibility Pack SP2 y SP3 no manejan correctamente la memoria durante la apertura de archivos, permitiendo a atacantes remotos ejecutar código arbitrario a través de una hoja de cálculo manipulada, también conocido como "Error de Análisis de Registros de Excel podría permitir la ejecución remota de código." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of Series records. The code within Excel.exe makes an assumption about the data types within a Series record and can be made to write beyond the bounds of a heap buffer when a specific combination of fields are set to unexpected values. • http://secunia.com/advisories/49112 http://www.securityfocus.com/bid/53379 http://www.securitytracker.com/id?1027041 http://www.us-cert.gov/cas/techalerts/TA12-129A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-030 https://exchange.xforce.ibmcloud.com/vulnerabilities/75119 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15575 • CWE-264: Permissions, Privileges, and Access Controls •