CVE-2004-0200 – Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)
https://notcve.org/view.php?id=CVE-2004-0200
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •
CVE-2003-0347 – Microsoft Visual Basic For Applications SDK 5.0/6.0/6.2/6.3 - Document Handling Buffer Overrun
https://notcve.org/view.php?id=CVE-2003-0347
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. • https://www.exploit-db.com/exploits/23094 http://archives.neohapsis.com/archives/vulnwatch/2003-q3/0093.html http://marc.info/?l=bugtraq&m=106262077829157&w=2 http://secunia.com/advisories/9666 http://www.kb.cert.org/vuls/id/804780 http://www.securityfocus.com/bid/8534 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-037 •
CVE-2001-0153
https://notcve.org/view.php?id=CVE-2001-0153
Buffer overflow in VB-TSQL debugger object (vbsdicli.exe) in Visual Studio 6.0 Enterprise Edition allows remote attackers to execute arbitrary commands. • http://razor.bindview.com/publish/advisories/adv_vbtsql.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2001/ms01-018 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-1999-0384
https://notcve.org/view.php?id=CVE-1999-0384
The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content. • https://docs.microsoft.com/en-us/security-updates/securitybulletins/1999/ms99-001 •