Page 4 of 31 results (0.003 seconds)

CVSS: 9.3EPSS: 14%CPEs: 7EXPL: 0

CVE-2007-0209

https://notcve.org/view.php?id=CVE-2007-0209

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption. Microsoft Word en Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 hasta 2006 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo Word con un objeto de dibujo malformado, lo que conlleva a una corrupción de memoria. • http://osvdb.org/34386 http://www.securityfocus.com/bid/22482 http://www.securitytracker.com/id?1017639 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0583 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A187 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 9%CPEs: 11EXPL: 0

CVE-2007-0208

https://notcve.org/view.php?id=CVE-2007-0208

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. Microsoft Word en Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 hasta 2006 y Office 2004 para Mac, no comprueba correctamente las propiedades de ciertos documentos y advierte al usuario del contenido de macros, lo que permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario. • http://www.osvdb.org/34385 http://www.securityfocus.com/bid/22477 http://www.securitytracker.com/id?1017639 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0583 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A700 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 2

CVE-2007-0515 – Microsoft Word 2000 - Code Execution

https://notcve.org/view.php?id=CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. Una vulnerabilidad no especificada en Microsoft Word, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario en Word 2000, y causar una denegación de servicio en Word 2003, por medio de vectores de ataque desconocidos que desencadenan una corrupción de memoria, como es explotado por Trojan.Mdropper.W y posteriores por Trojan.Mdropper.X, un problema diferente de CVE-2006-6456, CVE-2006-5994, y CVE-2006-6561. • https://www.exploit-db.com/exploits/3260 https://www.exploit-db.com/exploits/29524 http://isc.sans.org/diary.html?storyid=2133 http://osvdb.org/31900 http://secunia.com/advisories/23950 http://securitytracker.com/id?1017564 http://www.kb.cert.org/vuls/id/412225 http://www.microsoft.com/technet/security/advisory/932114.mspx http://www.securityfocus.com/bid/22225 http://www.securityfocus.com/bid/22328 http://www.symantec.com/enterprise/security_response/weblog/2007/0 •

CVSS: 9.3EPSS: 77%CPEs: 11EXPL: 0

CVE-2007-0028

https://notcve.org/view.php?id=CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 para Mac y Office v.X para Mac no maneja apropiadamente ciertos códigos de operación, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo XLS especialmente diseñado, lo que resulta en un "Improper Memory Access Vulnerabilityā€¯. NOTA: una divulgación temprana de este problema usó CVE-2006-3432, pero sólo CVE-2007-0028 debe ser usado. • http://secunia.com/advisories/23676 http://securitytracker.com/id?1017485 http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-30.html http://www.fortinet.com/FortiGuardCenter/advisory/FGA-2007-01.html http://www.kb.cert.org/vuls/id/493185 http://www.osvdb.org/31249 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21952 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 66%CPEs: 11EXPL: 0

CVE-2007-0029

https://notcve.org/view.php?id=CVE-2007-0029

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remotos con la intervención del usuario ejecutar código de su elección a través de cadenas mal formadas, tambien conocido como "Vulnerabilidad de cadenas Excel mal formadas" • http://securitytracker.com/id?1017487 http://www.osvdb.org/31256 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21877 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0103 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1102 •