Page 47 of 269 results (0.011 seconds)

CVSS: 9.3EPSS: 8%CPEs: 16EXPL: 0

Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE-2006-3651 and CVE-2006-4693. Desbordamiento de entero en Microsoft Word 2000, 2002, 2003, 2004 para Mac, y v.X para Mac permite a usuarios remotos con la complicidad del usuario ejecutar código de su elección mediante una cadena artesanal en un fichero Word, lo que desborda la longitud del valor de un entero de 16-bit, también conocido como "Memmove Code Execution", una vulnerabilidad diferente que CVE-2006-3651 y CVE-2006-4693. • http://archives.neohapsis.com/archives/fulldisclosure/2006-10/0211.html http://securitytracker.com/id?1017032 http://www.osvdb.org/29440 http://www.securityfocus.com/archive/1/448417/100/0/threaded http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20341 http://www.vupen.com/english/advisories/2006/3979 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060 https://oval.cisecurity.org/repository/search/definition • CWE-189: Numeric Errors •

CVSS: 9.3EPSS: 83%CPEs: 9EXPL: 0

Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868. Vulnerabilidad no especificada en el mso.dll de Microsoft Office 2000, XP y 2003 y para el Microsoft PowerPoint 2000, XP y 2003, permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un registro mal formado en ficheros (1) .DOC, (2) .PPT o (3) .XLS lo que dispara una corrupción de memoria relacionado con "la condición de límite del array" (posiblemente un desbordamiento del índice del array), una vulnerabilidad diferente que CVE-2006-3434, CVE-2006-3650, y CVE-2006-3868. • http://secunia.com/advisories/22339 http://securitytracker.com/id?1017034 http://secway.org/advisory/AD20061010.txt http://support.microsoft.com/kb/922581 http://www.kb.cert.org/vuls/id/176556 http://www.osvdb.org/29429 http://www.securityfocus.com/archive/1/448268/100/0/threaded http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20384 http://www.vupen.com/english/advisories/2006/3981 https://docs.microsoft.com/en-us& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 8%CPEs: 35EXPL: 0

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. Vulnerabilidad no especificada en PowerPoint en Microsoft Office 2000, Office 2002, Office 2003, Office 2004 para Mac, y Office v.X para Mac permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un "fichero artesanal" no especificado, una vulnerabilidad diferente que CVE-2006-3435, CVE-2006-4694, y CVE-2006-3876. • http://securitytracker.com/id?1017030 http://www.kb.cert.org/vuls/id/205948 http://www.osvdb.org/29448 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20325 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2006/3977 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015 https& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 63%CPEs: 3EXPL: 0

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693. Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y Office 2003 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un fichero de correo electrónico fusionado artesanal, una vulnerabilidad diferente que CVE-2006-3647 y CVE-2006-4693. • http://securitytracker.com/id?1017032 http://www.kb.cert.org/vuls/id/921300 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20358 http://www.vupen.com/english/advisories/2006/3979 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-060 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A51 •

CVSS: 5.1EPSS: 71%CPEs: 2EXPL: 0

Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag. Vulnerabilidad no especificada en Microsoft Office XP y 2003 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante una Etiqueta Inteligente mal formada. • http://secunia.com/advisories/22339 http://securitytracker.com/id?1017034 http://www.kb.cert.org/vuls/id/807780 http://www.osvdb.org/29430 http://www.securityfocus.com/archive/1/449179/100/0/threaded http://www.securityfocus.com/bid/20320 http://www.vupen.com/english/advisories/2006/3981 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-062 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A740 •