CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4030
https://notcve.org/view.php?id=CVE-2008-4030
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Parsing Vulnerability," a different vulnerability than CVE-2008-4028. ... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4031
https://notcve.org/view.php?id=CVE-2008-4031
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a malformed string in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Par... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 68%CPEs: 18EXPL: 0CVE-2008-4264
https://notcve.org/view.php?id=CVE-2008-4264
10 Dec 2008 — Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Pars... • http://www.securityfocus.com/bid/32621 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 68%CPEs: 18EXPL: 0CVE-2008-4265
https://notcve.org/view.php?id=CVE-2008-4265
10 Dec 2008 — Microsoft Office Excel 2000 SP3 allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed object, which triggers memory corruption during the loading of records from this spreadsheet, aka "File Format Parsing Vulnerability." Microsoft Office Excel 2000 SP3 permite a atacantes remotos ejecutar código de su elección mediante una hoja de cálculo manipulada que contiene un objeto malformado, lo que dispara una corrupción de memoria durante la carga de registros ... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=763 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 70%CPEs: 19EXPL: 0CVE-2008-4837 – Microsoft Office Word Document Table Property Stack Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4837
09 Dec 2008 — Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed table property, which triggers memory corruption, aka "Word Memory Corruption Vulnerability." Desbordamiento de búfer en la región stack de la memoria en Micros... • http://www.securityfocus.com/archive/1/499064/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 19EXPL: 0CVE-2008-4027 – Microsoft Office RTF Consecutive Drawing Object Parsing Heap Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2008-4027
09 Dec 2008 — Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted (1) RTF file or (2) rich text e-mail message with multiple consecutive Drawing Object ("\do") tags, which triggers a "memory calculation error" and memory corruption, aka "W... • http://www.securityfocus.com/archive/1/499062/100/0/threaded • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 68%CPEs: 19EXPL: 0CVE-2008-4028 – Microsoft Office RTF Drawing Object Heap Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2008-4028
09 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via crafted control words related to multiple Drawing Object tags in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and ... • http://www.securityfocus.com/archive/1/499063/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 64%CPEs: 1EXPL: 0CVE-2008-2244
https://notcve.org/view.php?id=CVE-2008-2244
09 Jul 2008 — Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc. Microsoft Office Word 2002 SP3 permite a atacantes remotos ejecutar código de su elección a través de ficheros .doc que contienen datos mal formados, tal y como se realiza en exploits públicos desde Julio del 2008 y como se demuestra en adjuntos .doc. • http://blogs.technet.com/msrc/archive/2008/07/08/vulnerability-in-microsoft-word-could-allow-remote-code-execution.aspx • CWE-399: Resource Management Errors •
CVSS: 7.8EPSS: 40%CPEs: 9EXPL: 5CVE-2008-2752 – Microsoft Word 2000/2002 - Bulleted List Handling Remote Memory Corruption
https://notcve.org/view.php?id=CVE-2008-2752
18 Jun 2008 — Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are obtained from third party information. Microsoft Word 2000 9.0.2812 y 2003 11.8106.8172, no gestiona correctamente las listas desordenadas, lo que permite a atacantes asistidos por el usuario, provocar una denega... • https://www.exploit-db.com/exploits/31934 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 63%CPEs: 9EXPL: 0CVE-2008-1092
https://notcve.org/view.php?id=CVE-2008-1092
25 Mar 2008 — Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026. Un desbordamiento de búfer en la biblioteca msjet40.dll anterior a la versión 4.0.9505.0 en el Motor de Base de datos de Microsoft Jet permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo de Word ... • http://marc.info/?l=bugtraq&m=121129490723574&w=2 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •