CVSS: 9.3EPSS: 70%CPEs: 11EXPL: 0CVE-2006-5994
https://notcve.org/view.php?id=CVE-2006-5994
Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. Vulnerabilidad no especificada en Microsoft Word 2000 y 2002, Office Word y Word Viewer 2003, Word 2004 y 2004 v. X para Mac, y Works 2004, 2005, y 2006 permite a atacantes remotos ejecutar código de su elección mediante un documento Word con una cadena mal formada que provoca una corrupción de memoria, una vulnerabilidad diferente que CVE-2006-6456. • http://blogs.securiteam.com/?p=759 http://blogs.technet.com/msrc/archive/2006/12/06/microsoft-security-advisory-929433-posted.aspx http://secunia.com/advisories/23232 http://securitytracker.com/id?1017339 http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9005698&intsrc=hm_list http://www.kb.cert.org/vuls/id/167928 http://www.microsoft.com/technet/security/advisory/929433.mspx http://www.osvdb.org/30824 http://www.securityfocus.com/archive/1/453735/10 •
CVSS: 5.1EPSS: 47%CPEs: 13EXPL: 0CVE-2006-0009
https://notcve.org/view.php?id=CVE-2006-0009
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. • http://archives.neohapsis.com/archives/fulldisclosure/2006-08/0597.html http://blogs.securiteam.com/?author=28 http://blogs.securiteam.com/?p=557 http://blogs.securiteam.com/?p=559 http://isc.sans.org/diary.php?storyid=1618 http://lists.grok.org.uk/pipermail/full-disclosure/2006-September/049540.html http://secunia.com/advisories/19138 http://secunia.com/advisories/19238 http://securitytracker.com/id? •
CVSS: 7.5EPSS: 48%CPEs: 22EXPL: 0CVE-2004-0848
https://notcve.org/view.php?id=CVE-2004-0848
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. • http://www.kb.cert.org/vuls/id/416001 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/19107 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2348 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2738 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A40 •
CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0CVE-2004-0573
https://notcve.org/view.php?id=CVE-2004-0573
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. Desbordamiento de búfer en el convertidor de Microsoft WordPerfect 5.x en Office 2000, Office XP, Offiece 2003 y las suites Works 2001 a 2004 permite a atacantes remotos ejecutar código de su elección mediante un documento o un sitio web malicioso. • http://marc.info/?l=bugtraq&m=109519646030906&w=2 http://secunia.com/advisories/12529 http://securitytracker.com/id?1011249 http://securitytracker.com/id?1011250 http://securitytracker.com/id?1011251 http://securitytracker.com/id? •
CVSS: 7.5EPSS: 10%CPEs: 27EXPL: 0CVE-2003-0820
https://notcve.org/view.php?id=CVE-2003-0820
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. Micrososft Word 97, 98(J), 2000 y 2002, y Micrososft Works Suites 2001 a 2004, no comprueban adecuadamente la longitud de valor de datos "Macro Names", lo que podría permitir a atacantes remotos ejecutar código arbitrario mediante un ataque de desbordamiento de búfer. • http://archives.neohapsis.com/archives/bugtraq/2003-10/0163.html http://www.security.nnov.ru/search/document.asp?docid=5243 http://www.securityfocus.com/bid/8835 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-050 https://exchange.xforce.ibmcloud.com/vulnerabilities/13682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A585 https://oval.cisecur •