CVE-2007-0216 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
https://notcve.org/view.php?id=CVE-2007-0216
wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." La biblioteca wkcvqd01.dll en Microsoft Works versión 6 File Converter, tal y como es usado en Office 2003 SP2, Works versión 8.0 y Works Suite 2005, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo .wps con encabezados de longitud de sección diseñados, también se conoce como "Microsoft Works File Converter Input Validation Vulnerability". • https://www.exploit-db.com/exploits/5107 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=659 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27657 http://www.securitytracker.com/id?1019386 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011 https: • CWE-20: Improper Input Validation •
CVE-2008-0105 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
https://notcve.org/view.php?id=CVE-2008-0105
Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." Microsoft Works 6 File Converter, como el utilizado en Office 2003 SP2 y SP3, Works 8.0, y Works Suite 2005, permite a atacantes remotos ejecutar código de su elección a través de un fichero .wps con una sección de la cabecera de índice de la tabla de información manipulada, también conocida como "Vulnerabilidad en Tabla Índice de Microsoft Works File Converter" • https://www.exploit-db.com/exploits/5107 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27658 http://www.securitytracker.com/id?1019387 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-011 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-20: Improper Input Validation •
CVE-2008-0108 – Microsoft Office 2003 - '.wps' Local Stack Overflow (MS08-011)
https://notcve.org/view.php?id=CVE-2008-0108
Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." Un desbordamiento de búfer en la región stack de la memoria en la biblioteca wkcvqd01.dll en Microsoft Works versión 6 File Converter, tal y como es usado en Office 2003 SP2 y SP3, Works versión 8.0 y Works Suite 2005, permite a los atacantes remotos ejecutar código arbitrario por medio de un archivo .wps con longitudes de campo diseñado, también se conoce como "Microsoft Works File Converter Field Length Vulnerability". • https://www.exploit-db.com/exploits/5107 https://www.exploit-db.com/exploits/31118 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=660 http://marc.info/?l=bugtraq&m=120361015026386&w=2 http://secunia.com/advisories/28904 http://www.securityfocus.com/bid/27659 http://www.securitytracker.com/id?1019388 http://www.us-cert.gov/cas/techalerts/TA08-043C.html http://www.vupen.com/english/advisories/2008/0513/references https://docs.microsoft.com/en-us/sec • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2006-3653 – Microsoft Works 8.0 Spreadsheet - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2006-3653
wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. wksss.exe 8.4.702.0 en Microsoft Works Spreadshhet 8.0 permite a atacantes remotos causar una denegación de servicio (Consumición de CPU o caída) mediante ficheros artesanales de (1) Works, (2) Excel, y (3) Lotus 1-2-3. • https://www.exploit-db.com/exploits/28222 http://securitytracker.com/id?1016504 http://www.securityfocus.com/archive/1/440056/100/0/threaded http://www.securityfocus.com/bid/18989 http://www.vupen.com/english/advisories/2006/2813 •
CVE-2006-3654
https://notcve.org/view.php?id=CVE-2006-3654
Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files. Desbordamiento de búfer en wksss.exe 8.4.702.0 en Microsoft Works Spreadsheet 8.0 permite a atacantes remotos provocar denegación de servicio (consumo de CPU o caida) a través de archivos EXCEL manipulados. • http://securitytracker.com/id?1016504 http://www.securityfocus.com/archive/1/440056/100/0/threaded http://www.securityfocus.com/bid/18989 http://www.vupen.com/english/advisories/2006/2813 https://exchange.xforce.ibmcloud.com/vulnerabilities/27794 •