Page 56 of 337 results (0.007 seconds)

CVSS: 9.3EPSS: 74%CPEs: 5EXPL: 0

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. Vulnerabilidad no especificada de Microsoft Outlook en Office 2000 SP3, XP SP3, 2003 SP2 y Sp3, y sistemas Office permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante la modificación de un mailto URI. • http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29320 http://www.kb.cert.org/vuls/id/393305 http://www.securityfocus.com/bid/28147 http://www.securitytracker.com/id?1019579 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0847/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 76%CPEs: 12EXPL: 1

Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability." Vulnerabilidad no especificada en Microsoft Excel 2000 SP3 y 2002 SP2, y Office 2004 y 2008 para Mac, permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante valores de formateo condicional (conditional formatting values), también conocido como "Vulnerabilidad Excel de formateo condicional". • https://www.exploit-db.com/exploits/5287 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://www.securityfocus.com/bid/28170 http://www.securitytracker.com/id?1019587 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0846/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5508 •

CVSS: 9.3EPSS: 58%CPEs: 4EXPL: 0

Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability." Vulnerabilidad sin especificar en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2 y Office 2004 para Mac. Permite a atacantes remotos ejecutar código de su elección a través de un documento de Office que contiene un objeto mal formado, relacionado con un "error de gestión de memoria" también conocido como "Microsoft Office Execution Jump Vulnerability." • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28909 http://www.securityfocus.com/bid/27738 http://www.securitytracker.com/id?1019375 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0515/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5407 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 74%CPEs: 4EXPL: 0

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." Vulnerabilidad sin especificar en Microsoft Office Publisher 2000, 2002 y 2003 SP2. Permite a atacantes remotos ejecutar código de su elección a través de un archivo .pub manipulado, también conocido como "Publisher Memory Corruption Vulnerability." • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28906 http://www.securityfocus.com/bid/27740 http://www.securitytracker.com/id?1019377 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0514/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4547 • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 68%CPEs: 5EXPL: 0

Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. Word en Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2 y Office Word Viewer 2003, permite a los atacantes remotos ejecutar código arbitrario por medio de campos especialmente diseñados dentro del File Information Block (FIB) de un archivo de Word, lo que desencadena errores de cálculo de longitud y corrupción de memoria. • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28901 http://www.kb.cert.org/vuls/id/692417 http://www.securityfocus.com/archive/1/488071/100/0/threaded http://www.securityfocus.com/bid/27656 http://www.securitytracker.com/id?1019374 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0511/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-009 https:/ • CWE-399: Resource Management Errors •