CVSS: 9.3EPSS: 56%CPEs: 8EXPL: 0CVE-2007-0035
https://notcve.org/view.php?id=CVE-2007-0035
08 May 2007 — Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability." Word (o Word Viewer) en Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 para Mac, y Works Suite 2004, 2005 y 2006 no manejan apropiadamente los datos en una determinada matriz, lo que permite a atacantes remotos asistidos p... • http://www.kb.cert.org/vuls/id/260777 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 57%CPEs: 11EXPL: 0CVE-2007-0208
https://notcve.org/view.php?id=CVE-2007-0208
13 Feb 2007 — Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. Microsoft Word en Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 hasta 2006 y Office 2004 para Mac, no comprueba correctamente las propiedades de ciertos documentos y advierte al usuario del contenido de macros, lo que per... • http://www.osvdb.org/34385 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 53%CPEs: 7EXPL: 0CVE-2007-0209
https://notcve.org/view.php?id=CVE-2007-0209
13 Feb 2007 — Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption. Microsoft Word en Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 hasta 2006 y Office 2004 para Mac, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo Word con un objeto de dibujo malformado... • http://osvdb.org/34386 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 62%CPEs: 11EXPL: 2CVE-2007-0515 – Microsoft Word 2000 - Code Execution
https://notcve.org/view.php?id=CVE-2007-0515
26 Jan 2007 — Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. Una vulnerabilidad no especificada en Microsoft Word, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario en Word 2000, y... • https://www.exploit-db.com/exploits/3260 •
CVSS: 9.3EPSS: 48%CPEs: 11EXPL: 0CVE-2007-0028
https://notcve.org/view.php?id=CVE-2007-0028
09 Jan 2007 — Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 para Mac y Office v.X para Mac no maneja apropiadamente ciertos cód... • http://secunia.com/advisories/23676 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 55%CPEs: 11EXPL: 0CVE-2007-0029
https://notcve.org/view.php?id=CVE-2007-0029
09 Jan 2007 — Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remotos con la intervención del usuario ejecutar código de su elección a través de cadenas mal formadas, tambien conocido como "Vulnerabilidad de cadenas Excel mal formadas" • http://securitytracker.com/id?1017487 •
CVSS: 9.3EPSS: 56%CPEs: 11EXPL: 0CVE-2007-0030
https://notcve.org/view.php?id=CVE-2007-0030
09 Jan 2007 — Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permiten a atacantes remotos con intervención del usuario ejecutar código de su elección mediante un archivo Excel con un campo Columna fuera de rango en determinados tipos de re... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=460 •
CVSS: 9.3EPSS: 74%CPEs: 11EXPL: 1CVE-2007-0031 – Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)
https://notcve.org/view.php?id=CVE-2007-0031
09 Jan 2007 — Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. Desbordamiento de búfer basado en pila en Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remoto con la intervención de un usuario ejecutar código de su elección a través de una hoja de cálculo con un regi... • https://www.exploit-db.com/exploits/3193 •
CVSS: 9.8EPSS: 58%CPEs: 11EXPL: 0CVE-2007-0027
https://notcve.org/view.php?id=CVE-2007-0027
09 Jan 2007 — Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a atacantes remotos ejecutar código de su elección mediante registros IMDATA mal formados que provocan una corrupción de memoria. • http://securitytracker.com/id?1017487 •
CVSS: 9.3EPSS: 74%CPEs: 11EXPL: 3CVE-2006-6561 – Microsoft Word Document - Malformed Pointer (PoC)
https://notcve.org/view.php?id=CVE-2006-6561
14 Dec 2006 — Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456. Vulnerabilidad no especificada en Microsoft Word 2000, 2002, y Word Viewer 2003 permite a atacantes remotos con la intervención del usuario, ejecutar código de su elección mediante un fichero DOC manipulado qu... • https://www.exploit-db.com/exploits/2922 •