Page 45 of 297 results (0.007 seconds)

CVSS: 9.3EPSS: 59%CPEs: 5EXPL: 0

CVE-2008-3019

https://notcve.org/view.php?id=CVE-2008-3019

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability." Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office converter pack; y Work 8, no analizan gramaticalmente de forma adecuada la longitud del fichero PostScript encapsulado (EPS), lo que permite a los atacantes remotos ejecutar código arbitrario, a través de una fichero EPS manipulado, también conocido como "Vulnerabilidad de filtro EPS mal formado). • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31336 http://www.securityfocus.com/bid/30595 http://www.securitytracker.com/id?1020673 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2348 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6122 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 75%CPEs: 5EXPL: 0

CVE-2008-3020

https://notcve.org/view.php?id=CVE-2008-3020

Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability." Microsoft Office 2000 SP3 y XP SP3; Office Converter Pack; y Works 8 no parsea apropiadamente la longitud de un fichero BMP, lo cual permite a atacantes remotos ejecutar código de su elección a través de ficheros BMP manipulador, también conocido como "Vulnerabilidad de Filtros BMP Malformados" • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31336 http://www.securityfocus.com/bid/30599 http://www.securitytracker.com/id?1020673 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2348 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5868 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 71%CPEs: 5EXPL: 0

CVE-2008-3460

https://notcve.org/view.php?id=CVE-2008-3460

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnerability." El archivo WPGIMP32.FLT en Office 2000 SP3, XP SP3 y 2003 SP2; Office Converter Pack; y Works versión 8, de Microsoft, no analiza apropiadamente la longitud de un archivo de WordPerfect Graphics (WPG), que permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo WPG diseñado, también se conoce como la "WPG Image File Heap Corruption Vulnerability" • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=737 http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31336 http://www.securityfocus.com/bid/30600 http://www.securitytracker.com/id?1020673 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2348 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-044 https://oval.cisecurity.org/repository/search/definition/oval • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 65%CPEs: 15EXPL: 0

CVE-2008-3006 – Microsoft Excel COUNTRY Record Memory Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2008-3006

Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country record values when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "Excel Record Parsing Vulnerability." Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 y SP3, y 2007 Gold y SP1; Office Excel Viewer 2003 Gold y SP3; Office Excel Viewer; Paquete de compatibilidad de Office 2007 Gold y SP1; Office SharePoint Server 2007 Gold y SP1; y Office 2004 y 2008 para Mac no analizan apropiadamente los valores de registro Country al cargar archivos de Excel, lo que permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de Excel creado, también se conoce como "Excel Record Parsing Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. Exploitation requires that the attacker coerce the target into opening a malicious .XLS file. The specific flaw exists within the parsing of the BIFF file format used by Microsoft Excel. During the processing of a malformed Country (0x8c) record, user-supplied data may be used in a memory copy operation resulting in memory corruption. • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31454 http://secunia.com/advisories/31455 http://www.securityfocus.com/archive/1/495428/100/0/threaded http://www.securityfocus.com/bid/30640 http://www.securitytracker.com/id?1020672 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2347 http://www.zerodayinitiative.com/advisories/ZDI-08-048 https://docs.microsoft.com/en-us/security-updates • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 69%CPEs: 5EXPL: 0

CVE-2008-3021 – Microsoft Windows Graphics Rendering Engine PICT Heap Corruption Vulnerability

https://notcve.org/view.php?id=CVE-2008-3021

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a different vulnerability than CVE-2008-3018. Office 2000 SP3, XP SP3 y 2003 SP2; Office Converter Pack; y Works versión 8 de Microsoft, no analizan apropiadamente la longitud de un archivo PICT, lo que permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo PICT diseñado con un campo bits_per_pixel no válido, también se conoce como la "PICT Filter Parsing Vulnerability" una vulnerabilidad diferente de CVE-2008-3018. This vulnerability allows attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required to exploit this vulnerability in that the target must open a malicious file. The specific flaw exists in the handling of PICT images in an office document. Due to improper parsing of the bits_per_pixel field in a PICT image a heap overflow can occur. • http://marc.info/?l=bugtraq&m=121915960406986&w=2 http://secunia.com/advisories/31336 http://www.securityfocus.com/archive/1/495429/100/0/threaded http://www.securityfocus.com/bid/30598 http://www.securitytracker.com/id?1020673 http://www.us-cert.gov/cas/techalerts/TA08-225A.html http://www.vupen.com/english/advisories/2008/2348 http://www.zerodayinitiative.com/advisories/ZDI-08-049 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-044 https:/ • CWE-399: Resource Management Errors •