CVSS: 9.3EPSS: 62%CPEs: 16EXPL: 0CVE-2009-1134 – Microsoft Office Excel QSIR Record Pointer Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2009-1134
10 Jun 2009 — Excel in 2007 Microsoft Office System SP1 and SP2; Microsoft Office Excel Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remote attackers to execute arbitrary code via a BIFF file with a malformed Qsir (0x806) record object, aka "Record Pointer Corruption Vulnerability." Excel en 2007 Office System SP1 y SP2 de Microsoft; Office Excel Viewer de Microsoft; y Office Compatibility Pack para formatos de archivo de Word, Excel y PowerPoint 2007... • http://osvdb.org/54958 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 72%CPEs: 12EXPL: 0CVE-2009-0563 – Microsoft Office Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2009-0563
10 Jun 2009 — Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a crafted tag containing an invalid length field, aka "Word Buffer Overflow Vulnerability."... • http://osvdb.org/54959 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 57%CPEs: 17EXPL: 0CVE-2009-0224
https://notcve.org/view.php?id=CVE-2009-0224
12 May 2009 — Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; PowerPoint Viewer 2003 and 2007 SP1 and SP2; PowerPoint in Microsoft Office 2004 for Mac and 2008 for Mac; Open XML File Format Converter for Mac; Microsoft Works 8.5 and 9.0; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly validate PowerPoint files, which allows remote attackers to execute arbitrary code via multiple crafted BuildList records that include Cha... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=793 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 66%CPEs: 12EXPL: 0CVE-2009-0088
https://notcve.org/view.php?id=CVE-2009-0088
15 Apr 2009 — The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack, aka "Word 2000 WordPerfect 6.x Converter Stack Corruption Vulnerability." El conversor WordPerfect 6.x en Microsoft Office Word 2000 SP3 y Microsoft Office Co... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=782 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 59%CPEs: 19EXPL: 0CVE-2008-4024
https://notcve.org/view.php?id=CVE-2008-4024
10 Dec 2008 — Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability." Microsoft Office Word 2000 SP3 y 2002 SP3 y Office 2004 para Mac permiten a los atacantes remotos ejecutar código arbitrario por medio de un documento de Word con un campo lcbPlcfBkfSdt c... • http://www.coresecurity.com/content/word-arbitrary-free • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 71%CPEs: 19EXPL: 0CVE-2008-4025
https://notcve.org/view.php?id=CVE-2008-4025
10 Dec 2008 — Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via (1) an RTF file or (2) a rich text e-mail message containing an invalid number of points for a polyline or polygon, which triggers a heap-based... • http://secunia.com/secunia_research/2008-21 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 19EXPL: 0CVE-2008-4026
https://notcve.org/view.php?id=CVE-2008-4026
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed value, which triggers memory corruption, aka "Word Memory Corruption Vulnerability." Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, y 2... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4030
https://notcve.org/view.php?id=CVE-2008-4030
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Parsing Vulnerability," a different vulnerability than CVE-2008-4028. ... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 66%CPEs: 19EXPL: 0CVE-2008-4031
https://notcve.org/view.php?id=CVE-2008-4031
10 Dec 2008 — Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a malformed string in (1) an RTF file or (2) a rich text e-mail message, which triggers incorrect memory allocation and memory corruption, aka "Word RTF Object Par... • http://www.securitytracker.com/id?1021370 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 68%CPEs: 18EXPL: 0CVE-2008-4264
https://notcve.org/view.php?id=CVE-2008-4264
10 Dec 2008 — Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Excel spreadsheet that contains a malformed formula, which triggers "pointer corruption" during the loading of formulas from this spreadsheet, aka "File Format Pars... • http://www.securityfocus.com/bid/32621 • CWE-399: Resource Management Errors •