Page 57 of 343 results (0.006 seconds)

CVSS: 9.3EPSS: 74%CPEs: 5EXPL: 0

CVE-2008-0110

https://notcve.org/view.php?id=CVE-2008-0110

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. Vulnerabilidad no especificada de Microsoft Outlook en Office 2000 SP3, XP SP3, 2003 SP2 y Sp3, y sistemas Office permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante la modificación de un mailto URI. • http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29320 http://www.kb.cert.org/vuls/id/393305 http://www.securityfocus.com/bid/28147 http://www.securitytracker.com/id?1019579 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0847/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-015 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval& • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 95%CPEs: 4EXPL: 2

CVE-2008-0118 – Microsoft Office 2000/2003/2004/XP - File Memory Corruption

https://notcve.org/view.php?id=CVE-2008-0118

Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Office Memory Corruption Vulnerability." Vulnerabilidad no especificada en Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 hasta SP3, y Office 2004 para Mac permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante documento Office manipulado que dispara una corrupción de memoria por un error de asignación (allocation error), también conocido como "Vulnerabilidad de Corrupción de Memoria en Microsoft Office (Microsoft Office Memory Corruption Vulnerability)." • https://www.exploit-db.com/exploits/31361 https://www.exploit-db.com/exploits/5320 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://secunia.com/advisories/29321 http://www.securityfocus.com/bid/28146 http://www.securitytracker.com/id?1019578 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0848/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-016 https://oval.cisecurity.org • CWE-94: Improper Control of Generation of Code ('Code Injection') •

CVSS: 9.3EPSS: 76%CPEs: 12EXPL: 1

CVE-2008-0117 – Microsoft Excel - Code Execution (MS08-014)

https://notcve.org/view.php?id=CVE-2008-0117

Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability." Vulnerabilidad no especificada en Microsoft Excel 2000 SP3 y 2002 SP2, y Office 2004 y 2008 para Mac, permite a atacantes remotos asistidos por usuarios ejecutar código de su elección mediante valores de formateo condicional (conditional formatting values), también conocido como "Vulnerabilidad Excel de formateo condicional". • https://www.exploit-db.com/exploits/5287 http://marc.info/?l=bugtraq&m=120585858807305&w=2 http://www.securityfocus.com/bid/28170 http://www.securitytracker.com/id?1019587 http://www.us-cert.gov/cas/techalerts/TA08-071A.html http://www.vupen.com/english/advisories/2008/0846/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-014 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5508 •

CVSS: 9.3EPSS: 57%CPEs: 4EXPL: 0

CVE-2008-0103

https://notcve.org/view.php?id=CVE-2008-0103

Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability." Vulnerabilidad sin especificar en Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2 y Office 2004 para Mac. Permite a atacantes remotos ejecutar código de su elección a través de un documento de Office que contiene un objeto mal formado, relacionado con un "error de gestión de memoria" también conocido como "Microsoft Office Execution Jump Vulnerability." • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28909 http://www.securityfocus.com/bid/27738 http://www.securitytracker.com/id?1019375 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0515/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-013 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5407 • CWE-399: Resource Management Errors •

CVSS: 9.3EPSS: 74%CPEs: 4EXPL: 0

CVE-2008-0104

https://notcve.org/view.php?id=CVE-2008-0104

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." Vulnerabilidad sin especificar en Microsoft Office Publisher 2000, 2002 y 2003 SP2. Permite a atacantes remotos ejecutar código de su elección a través de un archivo .pub manipulado, también conocido como "Publisher Memory Corruption Vulnerability." • http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28906 http://www.securityfocus.com/bid/27740 http://www.securitytracker.com/id?1019377 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0514/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-012 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4547 • CWE-94: Improper Control of Generation of Code ('Code Injection') •