CVSS: 9.3EPSS: 28%CPEs: 3EXPL: 0CVE-2010-2728
https://notcve.org/view.php?id=CVE-2010-2728
15 Sep 2010 — Heap-based buffer overflow in Microsoft Outlook 2002 SP3, 2003 SP3, and 2007 SP2, when Online Mode for an Exchange Server is enabled, allows remote attackers to execute arbitrary code via a crafted e-mail message, aka "Heap Based Buffer Overflow in Outlook Vulnerability." Desbordamiento de búfer basado en memoria dinámica en Microsoft Outlook 2002 SP3, 2003 SP3, y 2007 SP2, cuando está habilitado el Online Mode para Exchange Server, permite a los atacantes remotos ejecutar código... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-064 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 83%CPEs: 8EXPL: 2CVE-2010-0266 – Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045)
https://notcve.org/view.php?id=CVE-2010-0266
14 Jul 2010 — Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." Microsoft Office Outlook 2002 SP3, 2003 SP3, y 2007 SP1 y SP2 no verifica correctamente adjuntos en correo electrónico con un valor adecuado PR_ATTACH_METHOD de ATT... • https://www.exploit-db.com/exploits/16700 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 55%CPEs: 35EXPL: 4CVE-2010-0816 – Microsoft Windows Outlook Express and Windows Mail - Integer Overflow
https://notcve.org/view.php?id=CVE-2010-0816
12 May 2010 — Integer overflow in inetcomm.dll in Microsoft Outlook Express 5.5 SP2, 6, and 6 SP1; Windows Live Mail on Windows XP SP2 and SP3, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; and Windows Mail on Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7 allows remote e-mail servers and man-in-the-middle attackers to execute arbitrary code via a crafted (1) POP3 or (2) IMAP response, as demonstrated by a certain +OK response on TCP port 1... • https://www.exploit-db.com/exploits/12564 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 59%CPEs: 19EXPL: 0CVE-2008-4024
https://notcve.org/view.php?id=CVE-2008-4024
10 Dec 2008 — Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability." • http://www.coresecurity.com/content/word-arbitrary-free • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 71%CPEs: 19EXPL: 0CVE-2008-4025
https://notcve.org/view.php?id=CVE-2008-4025
10 Dec 2008 — Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via (1) an RTF file or (2) a rich text e-mail message containing an invalid number of points for a polyline or polygon, which trigger... • http://secunia.com/secunia_research/2008-21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 19EXPL: 0CVE-2008-4026
https://notcve.org/view.php?id=CVE-2008-4026
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed value, which triggers memory corruption, aka "Word Memory Corruption Vulnerability." • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4030
https://notcve.org/view.php?id=CVE-2008-4030
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Parsing Vulnerability," a different vulnerability than C... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4031
https://notcve.org/view.php?id=CVE-2008-4031
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a malformed string in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word ... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 70%CPEs: 19EXPL: 0CVE-2008-4837 – Microsoft Office Word Document Table Property Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4837
09 Dec 2008 — Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed table property, which triggers memory corruption, aka "Word Memory Corruption Vulnerability." ... This vulnerability allows remote attackers to execut... • http://www.securityfocus.com/archive/1/499064/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 19EXPL: 0CVE-2008-4027 – Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-4027
09 Dec 2008 — Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted (1) RTF file or (2) rich text e-mail message with multiple consecutive Drawing Object ("\do") tags, which triggers a "memory calculation error" and memory corr... • http://www.securityfocus.com/archive/1/499062/100/0/threaded • CWE-399: Resource Management Errors •