CVE-2008-1092
https://notcve.org/view.php?id=CVE-2008-1092
Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026.
http://marc.info/?l=bugtraq&m=121129490723574&w=2
http://www.kb.cert.org/vuls/id/936529
http://www.microsoft.com/technet/security/advisory/950627.mspx
http://www.securitytracker.com/id?1019686
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028
https://exchange.xforce.ibmcloud.com/vulnerabilities/41380
CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer
CVE-2008-1471 – Panda Internet Security/AntiVirus+Firewall 2008 - 'CPoint.sys' Memory Corruption
https://notcve.org/view.php?id=CVE-2008-1471
The cpoint.sys driver in Panda Internet Security 2008 and Antivirus+ Firewall 2008 allows local users to cause a denial of service (system crash or kernel panic), overwrite memory, or execute arbitrary code via a crafted IOCTL request that triggers an out-of-bounds write of kernel memory.
https://www.exploit-db.com/exploits/31363
http://secunia.com/advisories/29311
http://www.pandasecurity.com/homeusers/support/card?id=41231&idIdioma=2&ref=ProdExp
http://www.pandasecurity.com/homeusers/support/card?id=41337&idIdioma=2&ref=ProdExp
http://www.securityfocus.com/archive/1/489292/100/0/threaded
http://www.securityfocus.com/bid/28150
http://www.securitytracker.com/id?1019568
http://www.trapkit.de/advisories/TKADV2008-001.txt
http://www.vupen.com/english/advisories/2008/0
CWE-399: Resource Management Errors
CVE-2007-0065
https://notcve.org/view.php?id=CVE-2007-0065
Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual Basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request.
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://secunia.com/advisories/28902
http://www.securityfocus.com/bid/27661
http://www.securitytracker.com/id?1019373
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
http://www.vupen.com/english/advisories/2008/0510/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-008
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5388
CWE-94: Improper Control of Generation of Code ('Code Injection')
CVE-2008-0088
https://notcve.org/view.php?id=CVE-2008-0088
Unspecified vulnerability in Active Directory on Microsoft Windows 2000 and Windows Server 2003, and Active Directory Application Mode (ADAM) on XP and Server 2003, allows remote attackers to cause a denial of service (hang and restart) via a crafted LDAP request.
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://secunia.com/advisories/28764
http://www.securityfocus.com/bid/27638
http://www.securitytracker.com/id?1019382
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
http://www.vupen.com/english/advisories/2008/0505/references
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-003
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5181
CWE-20: Improper Input Validation
CVE-2008-0077 – Microsoft Internet Explorer SVG animateMotion.by Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-0077
Use-after-free vulnerability in Microsoft Internet Explorer 6 SP1, 6 SP2, and 7 allows remote attackers to execute arbitrary code by assigning malformed values to certain properties, as demonstrated using the by property of an animateMotion SVG element, aka "Property Memory Corruption Vulnerability."
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists in the handling of the "by" property of an animateMotion SVG element. By assigning other DOM elements to this property, a memory corruption occurs during the destruction of a Variant data type. The corruption causes an overwrite of a virtual function address allowing for the execution of arbitrary code.
http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=661
http://marc.info/?l=bugtraq&m=120361015026386&w=2
http://secunia.com/advisories/28903
http://www.kb.cert.org/vuls/id/228569
http://www.securityfocus.com/archive/1/488048/100/0/threaded
http://www.securityfocus.com/bid/27666
http://www.securitytracker.com/id?1019380
http://www.us-cert.gov/cas/techalerts/TA08-043C.html
http://www.vupen.com/english/advisories/2008/0512/references
http://www.zeroda
CWE-416: Use After Free