CVSS: 9.3EPSS: 93%CPEs: 4EXPL: 0CVE-2011-3413 – Microsoft Office 2007 Office Art Shape Record Hierarchy Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-3413
Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnerability." Microsoft PowerPoint 2007 SP2; Office 2008 para Mac; Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2; y PowerPoint Viewer 2007 SP2 permite a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un registro OfficeArt inválido en un documento PowerPoint. También conocida como "Vulnerabilidad RCE OfficeArt Shape". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office 2007. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application processes a shape record hierarchy. • http://www.us-cert.gov/cas/techalerts/TA11-347A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-094 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14581 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 95%CPEs: 7EXPL: 0CVE-2011-1983 – Microsoft Office Word Hidden Border Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-1983
Use-after-free vulnerability in Microsoft Office 2007 SP2 and SP3, Office 2010 Gold and SP1, and Office for Mac 2011 allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Use After Free Vulnerability." Una vulnerabilidad de uso después de liberación en Microsoft Office 2007 SP2 y SP3, Office 2010 Gold y SP1, y Office 2011 para Mac permite a atacantes remotos ejecutar código de su elección a través de un documento de Word específicamente modificado para tal fin. Se trata de un problema también conocido como "vulnerabilidad de uso después de liberación de Microsoft Word". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word 2007/2010. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles a border containing a specific property. • http://www.securitytracker.com/id?1026409 http://www.us-cert.gov/cas/techalerts/TA11-347A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-089 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14197 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14558 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 94%CPEs: 23EXPL: 0CVE-2011-1989 – Microsoft Office Excel Conditional Expression Ptg Type Confusion Vulnerability
https://notcve.org/view.php?id=CVE-2011-1989
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability." Microsoft Excel 2003 Service Pack 3 y Service Pack 2 de 2007; Excel en Office 2007 SP2, Excel 2010 Service Pack 1 Gold y SP1; Excel en Office 2010 Service Pack 1 Gold y SP1; Office 2004, 2008 y 2011 para Mac; Open XML File Format Converter para Mac; Excel Viewer Service Pack 2; Paquete de compatibilidad de Office para Word, Excel y PowerPoint 2007 Service Pack 2, Servicios de Excel en Office SharePoint Server 2007 SP2, Servicios de Excel en Office SharePoint Server 2010 Gold y SP1, y Excel Web Access 2010 Gold y SP1 no analizan correctamente las expresiones condicionales asociadas con requisitos de formato, lo que permite a atacantes remotos ejecutar código de su elección a través de una hoja de cálculo debidamente modificada. Es un problema también conocido como "Vulnerabilidad de análisis de expresiones condicionales de Excel". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application parses expressions used for determining formatting requirements. • http://www.us-cert.gov/cas/techalerts/TA11-256A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12974 • CWE-20: Improper Input Validation •
CVSS: 4.0EPSS: 8%CPEs: 20EXPL: 1CVE-2011-1892 – SharePoint 2007/2010 and DotNetNuke < 6 - File Disclosure (via XEE)
https://notcve.org/view.php?id=CVE-2011-1892
Microsoft Office Groove 2007 SP2, SharePoint Workspace 2010 Gold and SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold and SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold and SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010, and Office Web Apps 2010 Gold and SP1 do not properly handle Web Parts containing XML classes referencing external entities, which allows remote authenticated users to read arbitrary files via a crafted XML and XSL file, aka "SharePoint Remote File Disclosure Vulnerability." Microsoft Office Groove 2007 Service Pack 2, SharePoint Workspace 2010 Gold y SP1, Office Forms Server 2007 SP2, Office SharePoint Server 2007 SP2, Office SharePoint Server 2010 Gold y SP1, Office Groove Data Bridge Server 2007 SP2, Office Groove Management Server 2007 SP2, Groove Server 2010 Gold y SP1, Windows SharePoint Services 3.0 SP2, Windows SharePoint 2010 y Office Web Aplicaciones 2010 Gold y SP1 no gestionan correctamente las partes web que contienen clases XML que referencian a entidades externas, lo que permite a usuarios remotos autenticados leer ficheros de su elección a través de un archivo XML o XSL debidamente modificados. Es un problema también conocido como "Vulnerabilidad de revelado de fichero remoto de Sharepoint." SharePoint 2007 / 2010 and DotNetNuke versions prior to 6 suffer from a file disclosure vulnerability. • https://www.exploit-db.com/exploits/17873 http://securityreason.com/securityalert/8386 http://www.us-cert.gov/cas/techalerts/TA11-256A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-074 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12907 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 81%CPEs: 2EXPL: 0CVE-2011-1980
https://notcve.org/view.php?id=CVE-2011-1980
Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading Vulnerability." Vulnerabilidad de ruta de búsqueda no confiable en Microsoft Office 2003 Service Pack 3 y Service Pack 2 de 2007 permite a usuarios locales conseguir privilegios a través de un DLL troyano en el directorio de trabajo actual, como lo demuestra un directorio que contiene un archivo .doc, .ppt o .xls. Se trata de un problema también conocido como "Vulnerabilidad de carga de librerías inseguras de componentes de Office. " • http://www.us-cert.gov/cas/techalerts/TA11-256A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12694 •