Page 53 of 306 results (0.010 seconds)

CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 2

CVE-2007-0515 – Microsoft Word 2000 - Code Execution

https://notcve.org/view.php?id=CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. Una vulnerabilidad no especificada en Microsoft Word, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario en Word 2000, y causar una denegación de servicio en Word 2003, por medio de vectores de ataque desconocidos que desencadenan una corrupción de memoria, como es explotado por Trojan.Mdropper.W y posteriores por Trojan.Mdropper.X, un problema diferente de CVE-2006-6456, CVE-2006-5994, y CVE-2006-6561. • https://www.exploit-db.com/exploits/3260 https://www.exploit-db.com/exploits/29524 http://isc.sans.org/diary.html?storyid=2133 http://osvdb.org/31900 http://secunia.com/advisories/23950 http://securitytracker.com/id?1017564 http://www.kb.cert.org/vuls/id/412225 http://www.microsoft.com/technet/security/advisory/932114.mspx http://www.securityfocus.com/bid/22225 http://www.securityfocus.com/bid/22328 http://www.symantec.com/enterprise/security_response/weblog/2007/0 •

CVSS: 9.3EPSS: 77%CPEs: 11EXPL: 0

CVE-2007-0028

https://notcve.org/view.php?id=CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 para Mac y Office v.X para Mac no maneja apropiadamente ciertos códigos de operación, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo XLS especialmente diseñado, lo que resulta en un "Improper Memory Access Vulnerabilityā€¯. NOTA: una divulgación temprana de este problema usó CVE-2006-3432, pero sólo CVE-2007-0028 debe ser usado. • http://secunia.com/advisories/23676 http://securitytracker.com/id?1017485 http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-30.html http://www.fortinet.com/FortiGuardCenter/advisory/FGA-2007-01.html http://www.kb.cert.org/vuls/id/493185 http://www.osvdb.org/31249 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21952 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 1

CVE-2007-0031 – Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

https://notcve.org/view.php?id=CVE-2007-0031

Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. Desbordamiento de búfer basado en pila en Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remoto con la intervención de un usuario ejecutar código de su elección a través de una hoja de cálculo con un registro PALETTE que contiene un gran número de entradas. • https://www.exploit-db.com/exploits/3193 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=461 http://securitytracker.com/id?1017487 http://www.kb.cert.org/vuls/id/625532 http://www.osvdb.org/31258 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21922 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0103 https://docs.microsoft.com/en-us/security-updates •

CVSS: 9.3EPSS: 66%CPEs: 11EXPL: 0

CVE-2007-0029

https://notcve.org/view.php?id=CVE-2007-0029

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remotos con la intervención del usuario ejecutar código de su elección a través de cadenas mal formadas, tambien conocido como "Vulnerabilidad de cadenas Excel mal formadas" • http://securitytracker.com/id?1017487 http://www.osvdb.org/31256 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21877 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0103 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-002 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1102 •

CVSS: 9.3EPSS: 76%CPEs: 6EXPL: 0

CVE-2007-0033

https://notcve.org/view.php?id=CVE-2007-0033

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. Microsoft Outlook 2002 y 2003 permite a atacantes remotos con la intervención del usuario ejecutar código de su elección a través de un registro VEVENT mal formado en la petición .iCal meeting o un fichero ICS. • http://secunia.com/advisories/23674 http://securitytracker.com/id?1017488 http://www.kb.cert.org/vuls/id/476900 http://www.osvdb.org/31252 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21931 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0104 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-003 https://oval.cisecurity.org/repository/search/ •