Page 56 of 478 results (0.008 seconds)

CVSS: 4.3EPSS: 0%CPEs: 25EXPL: 0

The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability." El editor de XML en Microsoft Office InfoPath 2007 SP2 y 2010; SQL Server 2005 SP3 y SP4 y 2008 SP1, SP2 y R2; SQL Server Management Studio Express (SSMSE) 2005; y Visual Studio 2005 SP1, 2008 SP1, y 2010 no maneja correctamente entidades externas, lo que permite a atacantes remotos leer archivos arbitrarios a través de un fichero .disco (Web Service Discovery) manipulado, también conocido como "XML External Entities Resolution Vulnerability" • http://secunia.com/advisories/44912 http://www.securityfocus.com/bid/48196 http://www.securitytracker.com/id?1025646 http://www.securitytracker.com/id?1025647 http://www.securitytracker.com/id?1025648 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-049 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12664 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 79%CPEs: 8EXPL: 0

Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability." Microsoft Excel 2002 SP3, 2003 SP3, y 2007 SP2; Office 2004 y 2008 para Mac; Open XML File Format Converter para Mac; Excel Viewer SP2; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2 no validan adecuadamente la información de registro durante el análisis sintáctico (parseo) de las hojas de cálculo de Excel. Esto permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de una hoja de cálculo manipulada. También se conoce como "Vulnerabilidad de Salida de Rango en el Array de Acceso de Excel" • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12538 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 87%CPEs: 8EXPL: 0

Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record structures during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Insufficient Record Validation Vulnerability." Microsoft Excel 2002 SP3, 2003 SP3, y 2007 SP2; Office 2004 y 2008 para Mac; el conversor de formato de fichero Open XML para Mac; Excel Viewer SP2; y el pack de compatibilidad Office para los formatos de archivo Word, Excel, y PowerPoint 2007 SP2 no validan apropiadamente las estructuras de registro durante el análisis ("parseo") de hojas de cálculo Excel, lo que permite a atacantes remotos ejecutar código arbitrario a través de una hoja de cálculo modificada. También conocida como "vulnerabilidad de validación de registro insuficiente de Excel". • http://www.securityfocus.com/bid/48157 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12139 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 0

Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability." Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, y 2010; Office 2004, 2008, y 2011 para Mac; Open XML File Format Converter para Mac; Excel Viewer SP2; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2 no valida adecuadamente información gravada durante el parseo de las hojas de cálculo en Excel, lo que permite a atacantes remotos ejecutar código de su elección o provocar una denegación de servicio (corrupción de memoria) a través de hojas de cálculo, también conocido como "Excel Improper Record Parsing Vulnerability." • http://osvdb.org/72921 http://secunia.com/advisories/44931 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12354 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 96%CPEs: 8EXPL: 1

Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability." Desbordamiento de búfer en Microsoft Excel 2002 SP3, 2003 SP3 y SP2 2007, Office 2004 y 2008 para Mac, Open XML Format Converter para Mac, Excel Viewer Service Pack 2, y el paquete de compatibilidad de Office para Word, Excel y PowerPoint 2007 Service Pack 2, permite a atacantes remotos provocar una denegación de servicio (caída) o ejecutar código de su elección mediante a través de una hoja de cálculo Excel manipulada,ralacionado con la validación incorrecta de la información almacenada tambien conocida como "Vulnerabilidad de saturación de búfer en Excel". • https://www.exploit-db.com/exploits/17643 http://osvdb.org/72924 http://securityreason.com/securityalert/8330 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-045 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12451 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •