CVE-2009-0088
https://notcve.org/view.php?id=CVE-2009-0088
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability." El conversor WordPerfect 6.x en Microsoft Office Word 2000 SP3 y Microsoft Office Converter Pack no valida adecuadamente la longitud de una cadena no especificada, lo cual permite a atacantes remotos ejecutar código de su elección a través de un fichero WordPerfect 6.x manipulado, también conocido como "Vulnerabilidad de corrupción de pila en el conversor Word 2000 WordPerfect 6.x". • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782 http://osvdb.org/53663 http://www.securitytracker.com/id?1022043 http://www.us-cert.gov/cas/techalerts/TA09-104A.html http://www.vupen.com/english/advisories/2009/1024 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2009/ms09-010 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5736 • CWE-20: Improper Input Validation •
CVE-2008-4033 – Microsoft XML Core Services DTD - Cross-Domain Scripting (MS08-069)
https://notcve.org/view.php?id=CVE-2008-4033
Cross-domain vulnerability in Microsoft XML Core Services 3.0 through 6.0, as used in Microsoft Expression Web, Office, Internet Explorer, and other products, allows remote attackers to obtain sensitive information from another domain and corrupt the session state via HTTP request header fields, as demonstrated by the Transfer-Encoding field, aka "MSXML Header Request Vulnerability." Vulnerabilidad de dominios cruzados en Microsoft XML Core Services v3.0 hasta v6.0, como el que se utiliza en Microsoft Expression Web, Office, Internet Explorer y otros productos; permite a atacantes remotos obtener información sensible de otro dominio y corromper el estado de la sesión a través de solicitudes de campos de cabecera HTTP, como se ha demostrado con el campo Transfer-Encoding. También se conoce como "Vulnerabilidad de la solicitud de la cabecera MSXML". • https://www.exploit-db.com/exploits/7196 http://marc.info/?l=bugtraq&m=122703006921213&w=2 http://securitytracker.com/id?1021164 http://www.securityfocus.com/bid/32204 http://www.us-cert.gov/cas/techalerts/TA08-316A.html http://www.vupen.com/english/advisories/2008/3111 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-069 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5847 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2008-1092
https://notcve.org/view.php?id=CVE-2008-1092
Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026. Un desbordamiento de búfer en la biblioteca msjet40.dll anterior a la versión 4.0.9505.0 en el Motor de Base de datos de Microsoft Jet permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de Word creado, tal y como se explotó “in the wild” en marzo de 2008. NOTA: a partir de 20080513, Microsoft ha declarado que este es el mismo problema que el CVE-2007-6026. • http://marc.info/?l=bugtraq&m=121129490723574&w=2 http://www.kb.cert.org/vuls/id/936529 http://www.microsoft.com/technet/security/advisory/950627.mspx http://www.securitytracker.com/id?1019686 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-028 https://exchange.xforce.ibmcloud.com/vulnerabilities/41380 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2008-0080
https://notcve.org/view.php?id=CVE-2008-0080
Heap-based buffer overflow in the WebDAV Mini-Redirector in Microsoft Windows XP SP2, Server 2003 SP1 and SP2, and Vista allows remote attackers to execute arbitrary code via a crafted WebDAV response. Desbordamiento de búfer basado en montículo en el WebDAV Mini-Redirector de Microsoft Windows XP SP2, Server 2003 SP1 y SP2 y Vista permite a atacantes remotos ejecutar código de su elección mediante una respuesta WebDAV manipulada. • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28894 http://www.securityfocus.com/bid/27670 http://www.securitytracker.com/id?1019372 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0509/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-007 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5381 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2007-0066
https://notcve.org/view.php?id=CVE-2007-0066
The kernel in Microsoft Windows 2000 SP4, XP SP2, and Server 2003, when ICMP Router Discovery Protocol (RDP) is enabled, allows remote attackers to cause a denial of service via fragmented router advertisement ICMP packets that trigger an out-of-bounds read, aka "Windows Kernel TCP/IP/ICMP Vulnerability." El kernel de Microsoft Windows 2000 SP4, XP SP2 y Server 2003, cuando se habilita el protocolo de detección de enrutador ICMP (RDP), permite a los atacantes remotos provocar una denegación de servicio mediante paquetes ICMP de anuncios de enrutador fragmentados que desencadenan una vulnerabilidad de lectura fuera de límites, también se conoce como "Windows Kernel TCP/IP/ICMP Vulnerability". • http://blogs.technet.com/swi/archive/2008/01/08/ms08-001-part-2-the-case-of-the-moderate-icmp-mitigations.aspx http://secunia.com/advisories/28297 http://securitytracker.com/id?1019166 http://www.iss.net/threats/282.html http://www.securityfocus.com/archive/1/486317/100/0/threaded http://www.securityfocus.com/bid/27139 http://www.us-cert.gov/cas/techalerts/TA08-008A.html http://www.vupen.com/english/advisories/2008/0069 https://docs.microsoft.com/en-us/security- •