CVSS: 9.3EPSS: 45%CPEs: 4EXPL: 0CVE-2006-0033 – Technical Cyber Security Alert 2006-192A
https://notcve.org/view.php?id=CVE-2006-0033
11 Jul 2006 — Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed. Vulnerabilidad no especificada en Microsoft Office 2003 SP1 y SP2, Office XP SP3, Office 2000 SP3 y otros productos, permite a atacantes con la ayuda del usuario ejecutar código de su elección a través de una imagen PNG manipulada que induce una corrupción de memo... • http://secunia.com/advisories/21013 •
CVSS: 9.3EPSS: 46%CPEs: 4EXPL: 0CVE-2006-1316 – Technical Cyber Security Alert 2006-192A
https://notcve.org/view.php?id=CVE-2006-1316
11 Jul 2006 — Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Parsing Vulnerability," a different vulnerability than CVE-2006-2389. Vulnerabilidad sin especificar en Microsoft Office 2003 SP1 y SP2, Office XP SP3, Office 2000 SP3 y otros productos, permite a atacantes ayudados p... • http://secunia.com/advisories/21012 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 74%CPEs: 4EXPL: 2CVE-2006-2389 – Microsoft Office 2000/2002 - Property Code Execution
https://notcve.org/view.php?id=CVE-2006-2389
11 Jul 2006 — Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office Property Vulnerability," a different vulnerability than CVE-2006-1316. Vulnerabilidad no especificada en Microsoft Office 2003 SP1 y SP2, Office XP SP3, Office 2000 SP3 y otros productos, permite a atacantes ayuda... • https://packetstorm.news/files/id/93302 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 57%CPEs: 12EXPL: 2CVE-2006-3493 – Microsoft Word 2000/2003 - Unchecked Boundary Condition
https://notcve.org/view.php?id=CVE-2006-3493
10 Jul 2006 — Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees. Desbordamiento de búfer en la función LsCre... • https://www.exploit-db.com/exploits/2001 •
CVSS: 8.8EPSS: 74%CPEs: 5EXPL: 2CVE-2006-2492 – Microsoft Word Malformed Object Pointer Vulnerability
https://notcve.org/view.php?id=CVE-2006-2492
20 May 2006 — Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. Microsoft Word and Microsoft Works Suites contain a malformed object pointer which allows attackers to execute code. • http://blogs.technet.com/msrc/archive/2006/05/19/429353.aspx • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 69%CPEs: 15EXPL: 3CVE-2006-1540 – Microsoft Office Products - Array Index Bounds Error (PoC)
https://notcve.org/view.php?id=CVE-2006-1540
30 Mar 2006 — MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw d... • https://www.exploit-db.com/exploits/1615 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 8.8EPSS: 62%CPEs: 13EXPL: 0CVE-2006-0009 – SYMSA-2006-001.txt
https://notcve.org/view.php?id=CVE-2006-0009
14 Mar 2006 — Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker t... • http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html •
CVSS: 7.8EPSS: 40%CPEs: 11EXPL: 0CVE-2006-0029 – FSA-2006-08.txt
https://notcve.org/view.php?id=CVE-2006-0029
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. Fortinet Security Research Team (FSRT) has discovered a improper memory access vulnerability in the Microsoft Excel software. This vulnerability is due to Microsoft Excel's manipulation of opcode 0x001D, when provided with a random Column Index, it will cau... • http://secunia.com/advisories/19138 •
CVSS: 7.8EPSS: 59%CPEs: 11EXPL: 1CVE-2006-0030 – Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
https://notcve.org/view.php?id=CVE-2006-0030
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. Microsoft has released updates that address critical vulnerabilities in Microsoft Office and Excel. Exploitation of these vulnerabilities could allow a remote, unauthenticated attacker to execute arbitrary code or cause a denial of service on a vulnerable syste... • https://www.exploit-db.com/exploits/27055 •
CVSS: 7.8EPSS: 56%CPEs: 6EXPL: 0CVE-2006-0031 – msExcel-again.txt
https://notcve.org/view.php?id=CVE-2006-0031
14 Mar 2006 — Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. A remote code execution vulnerability exists in Excel using a FNGROUPCOUNT value. An attacker could exploit the vulnerability by constructing a specially crafted Excel file that could allow remote code execution. Affected products ... • http://archives.neohapsis.com/archives/fulldisclosure/2006-02/1521.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •