Page 40 of 269 results (0.003 seconds)

CVSS: 9.3EPSS: 80%CPEs: 4EXPL: 1

CVE-2007-0216 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)

https://notcve.org/view.php?id=CVE-2007-0216

wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." La biblioteca wkcvqd01.dll en Microsoft Works versión 6 File Converter, tal y como es usado en Office 2003 SP2, Works versión 8.0 y Works Suite 2005, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo .wps con encabezados de longitud de sección diseñados, también se conoce como "Microsoft Works File Converter Input Validation Vulnerability". • https://www.exploit-db.com/exploits/5107 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=659 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27657 http://www.securitytracker.com/id?1019386 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011 https: • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 74%CPEs: 4EXPL: 0

CVE-2008-0104

https://notcve.org/view.php?id=CVE-2008-0104

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." Vulnerabilidad sin especificar en Microsoft Office Publisher 2000, 2002 y 2003 SP2. Permite a atacantes remotos ejecutar código de su elección a través de un archivo .pub manipulado, también conocido como "Publisher Memory Corruption Vulnerability." • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28906 http://www.securityfocus.com/bid/27740 http://www.securitytracker.com/id?1019377 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0514/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4547 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 81%CPEs: 4EXPL: 1

CVE-2008-0105 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)

https://notcve.org/view.php?id=CVE-2008-0105

Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." Microsoft Works 6 File Converter, como el utilizado en Office 2003 SP2 y SP3, Works 8.0, y Works Suite 2005, permite a atacantes remotos ejecutar código de su elección a través de un fichero .wps con una sección de la cabecera de índice de la tabla de información manipulada, también conocida como "Vulnerabilidad en Tabla Índice de Microsoft Works File Converter" • https://www.exploit-db.com/exploits/5107 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27658 http://www.securitytracker.com/id?1019387 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 94%CPEs: 4EXPL: 2

CVE-2008-0108 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)

https://notcve.org/view.php?id=CVE-2008-0108

Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." Un desbordamiento de búfer en la región stack de la memoria en la biblioteca wkcvqd01.dll en Microsoft Works versión 6 File Converter, tal y como es usado en Office 2003 SP2 y SP3, Works versión 8.0 y Works Suite 2005, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo .wps con longitudes de campo diseñado, también se conoce como "Microsoft Works File Converter Field Length Vulnerability". • https://www.exploit-db.com/exploits/5107 https://www.exploit-db.com/exploits/31118 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=660 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27659 http://www.securitytracker.com/id?1019388 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/sec • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 68%CPEs: 5EXPL: 0

CVE-2008-0109

https://notcve.org/view.php?id=CVE-2008-0109

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. Word en Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2 y Office Word Viewer 2003, permite a los atacantes remotos ejecutar código arbitrario por medio de campos especialmente diseñados dentro del File Information Block (FIB) de un archivo de Word, lo que desencadena errores de cálculo de longitud y corrupción de memoria. • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28901 http://www.kb.cert.org/vuls/id/692417 http://www.securityfocus.com/archive/1/488071/100/0/threaded http://www.securityfocus.com/bid/27656 http://www.securitytracker.com/id?1019374 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0511/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-009 https:/ • CWE-399: Resource Management Errors •