CVSS: 9.3EPSS: 96%CPEs: 10EXPL: 2CVE-2008-4255 – Microsoft Animation ActiveX Control Malformed AVI Parsing Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2008-4255
Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an "allocation error" and memory corruption, aka "Windows Common AVI Parsing Overflow Vulnerability." Un desbordamiento de búfer en la región heap de la memoria en el archivo mscomct2.ocx (también se conoce como control ActiveX de Windows Common o control ActiveX de Microsoft Animation) en Visual Basic versión 6.0, Visual Studio .NET 2002 SP1 y 2003 SP1, Visual FoxPro versiones 8.0 SP1 y 9.0 SP1 y SP2, y Office Project 2003 SP3 y 2007 Gold y SP1, de Microsoft, permite a atacantes remotos ejecutar código arbitrario por medio de un archivo AVI con una longitud de secuencia diseñada, lo que desencadena un "allocation error" y corrupción de memoria, también se conoce como "Windows Common AVI Parsing Overflow Vulnerability." This vulnerability allows remote attackers to execute arbitrary code through vulnerable installations of Microsoft Internet Explorer. User interaction is required to exploit this vulnerability in that the target must visit a malicious page. The specific flaw exists within the Microsoft Animation ActiveX control MSCOMCT2.OCX. When parsing a malformed AVI file through this control an exploitable heap corruption can occur. • https://www.exploit-db.com/exploits/7431 http://downloads.securityfocus.com/vulnerabilities/exploits/32613.pl http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm http://www.securityfocus.com/archive/1/499061/100/0/threaded http://www.securityfocus.com/bid/32613 http://www.securitytracker.com/id?1021369 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/3382 http://www.zerodayinitiative.com/advisories/ZDI-08-083 https:// • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 96%CPEs: 7EXPL: 4CVE-2008-3704 – Microsoft Visual Studio - 'Msmask32.ocx' ActiveX Remote Buffer Overflow (PoC)
https://notcve.org/view.php?id=CVE-2008-3704
Heap-based buffer overflow in the MaskedEdit ActiveX control in Msmask32.ocx 6.0.81.69, and possibly other versions before 6.0.84.18, in Microsoft Visual Studio 6.0, Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allows remote attackers to execute arbitrary code via a long Mask parameter, related to not "validating property values with boundary checks," as exploited in the wild in August 2008, aka "Masked Edit Control Memory Corruption Vulnerability." Un desbordamiento de búfer en la región heap de la memoria en el control ActiveX de MaskedEdit en msmask32.ocx versión 6.0.81.69, y posiblemente en otras versiones anteriores a 6.0.84.18, en Visual Studio versión 6.0, Visual Basic versión 6.0, Visual Studio .NET 2002 SP1 y 2003 SP1, y Visual FoxPro versiones 8.0 SP1 y 9.0 SP1 y SP2, de Microsoft, permite a los atacantes remotos ejecutar código arbitrario por medio de un parámetro Mask largo, relacionado con la no "validating property values with boundary checks", como se explotó “in the wild” en Agosto de 2008, también se conoce como "Masked Edit Control Memory Corruption Vulnerability". • https://www.exploit-db.com/exploits/6244 https://www.exploit-db.com/exploits/6317 https://www.exploit-db.com/exploits/16507 http://secunia.com/advisories/31498 http://support.avaya.com/elmodocs2/security/ASA-2008-473.htm http://www.securityfocus.com/bid/30674 http://www.securitytracker.com/id?1020710 http://www.us-cert.gov/cas/techalerts/TA08-344A.html http://www.vupen.com/english/advisories/2008/2380 http://www.vupen.com/english/advisories/2008/3382 https://do • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 0CVE-2007-1201
https://notcve.org/view.php?id=CVE-2007-1201
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." Vulnerabilidad no especificada en determinados objetos COM de Microsoft Office Web Components 2000 permite a atacantes remotos con la complicidad del usuario ejecutar códigode su elección mediante vectores relativos a DataSource que disparan una corrupción de memoria, también conocido como "Vulnerabilidad en Office Web Components DataSource." • http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29328 http://www.securityfocus.com/bid/28136 http://www.securitytracker.com/id?1019581 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0849/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-017 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5327 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 1%CPEs: 8EXPL: 0CVE-2007-1512
https://notcve.org/view.php?id=CVE-2007-1512
Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact (probably crash) via an RTF file with a malformed OLE object, which results in writing two 0x00 characters past the end of szBuffer, aka the "MFC42u.dll Off-by-Two Overflow." NOTE: this issue is due to an incomplete patch (MS07-012) for CVE-2007-0025. Desbordamiento de búfer basado en pila en la función AfxOleSetEditMenu en el componente MFC de Microsoft Windows 2000 SP4, XP SP2, y Server 2003 Gold y SP1, y Visual Studio .NET 2002 Gold y SP1, y 2003 Gold y SP1 permite a atacantes remotos con la complicidad del usuario tener un impacto desconocido (posiblemente caída) mediante un fichero RTF con un objeto OLE mal formado, lo cual resulta en la escritura de 2 caracteres 0x00 pasado el final de szBuffer, también conocido como "MFC42u.dll Off-by-Two Overflow". NOTA: este asunto es debido a un parche incompleto (MS07-012) para CVE-2007-0025. • http://www.securityfocus.com/archive/1/463009/100/0/threaded •
CVSS: 9.3EPSS: 62%CPEs: 6EXPL: 0CVE-2007-0025
https://notcve.org/view.php?id=CVE-2007-0025
The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a stack-based buffer overflow in the AfxOleSetEditMenu function in MFC42u.dll. El componente MFC en Microsoft Windows 2000 SP4, XP SP2 y 2003 SP1 y Visual Studio .NET 2000, 2002 SP1, 2003 y 2003 SP1 permite a atacantes remotos asistidos por usuario ejecutar código arbitrario a través de un archivo RTF con un objeto OLE mal formado que desencadena corrupción de memoria. NOTA: esto podría ser debido a un desbordamiento de buffer basado en pila en la función AfxOleSetEditMenu en MFC42u.dll. • http://secunia.com/advisories/24150 http://www.kb.cert.org/vuls/id/932041 http://www.osvdb.org/31887 http://www.securityfocus.com/bid/22476 http://www.securitytracker.com/id?1017638 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0581 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A157 • CWE-94: Improper Control of Generation of Code ('Code Injection') •