Page 60 of 343 results (0.009 seconds)

CVSS: 9.3EPSS: 88%CPEs: 10EXPL: 0

CVE-2006-1311

https://notcve.org/view.php?id=CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. El componente RichEdit en Microsoft Windows 2000 SP4, XP SP2, y 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, y Office 2004 para Mac; y Learning Essentials para Microsoft Office 1.0, 1.1, y 1.5 permite a atacantes remotos con la complicidad del usuario ejecutar código de su elección mediante un objeto OLE mal formado en un fichero RTF, lo cual provoca una corrupción de memoria. • http://secunia.com/advisories/24152 http://www.kb.cert.org/vuls/id/368132 http://www.osvdb.org/31886 http://www.securityfocus.com/bid/21876 http://www.securitytracker.com/id?1017640 http://www.securitytracker.com/id?1017641 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0582 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-013 https://exchange.xforce.ibmcloud.com/vulnerabilities/30592 https:/ •

CVSS: 9.3EPSS: 94%CPEs: 36EXPL: 0

CVE-2007-0671

https://notcve.org/view.php?id=CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. Una vulnerabilidad no especificada en Microsoft Excel 2000, XP, 2003 y 2004 para Mac, y posiblemente otros productos de Office, permite a atacantes asistidos por el usuario ejecutar código arbitrario por medio de vectores de ataque desconocidos, como es demostrado por el archivo Exploit-MSExcel.h en ataques de día cero dirigidos. • http://osvdb.org/31901 http://secunia.com/advisories/24008 http://securitytracker.com/id?1017584 http://vil.nai.com/vil/content/v_141393.htm http://www.avertlabs.com/research/blog/?p=191 http://www.kb.cert.org/vuls/id/613740 http://www.microsoft.com/technet/security/advisory/932553.mspx http://www.securityfocus.com/bid/22383 http://www.us-cert.gov/cas/techalerts/TA07-044A.html http://www.vupen.com/english/advisories/2007/0463 https://docs.microsoft.com •

CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 2

CVE-2007-0515 – Microsoft Word 2000 - Code Execution

https://notcve.org/view.php?id=CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. Una vulnerabilidad no especificada en Microsoft Word, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario en Word 2000, y causar una denegación de servicio en Word 2003, por medio de vectores de ataque desconocidos que desencadenan una corrupción de memoria, como es explotado por Trojan.Mdropper.W y posteriores por Trojan.Mdropper.X, un problema diferente de CVE-2006-6456, CVE-2006-5994, y CVE-2006-6561. • https://www.exploit-db.com/exploits/3260 https://www.exploit-db.com/exploits/29524 http://isc.sans.org/diary.html?storyid=2133 http://osvdb.org/31900 http://secunia.com/advisories/23950 http://securitytracker.com/id?1017564 http://www.kb.cert.org/vuls/id/412225 http://www.microsoft.com/technet/security/advisory/932114.mspx http://www.securityfocus.com/bid/22225 http://www.securityfocus.com/bid/22328 http://www.symantec.com/enterprise/security_response/weblog/2007/0 •

CVSS: 9.3EPSS: 77%CPEs: 11EXPL: 0

CVE-2007-0028

https://notcve.org/view.php?id=CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 para Mac y Office v.X para Mac no maneja apropiadamente ciertos códigos de operación, permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario por medio de un archivo XLS especialmente diseñado, lo que resulta en un "Improper Memory Access Vulnerabilityā€¯. NOTA: una divulgación temprana de este problema usó CVE-2006-3432, pero sólo CVE-2007-0028 debe ser usado. • http://secunia.com/advisories/23676 http://securitytracker.com/id?1017485 http://www.fortinet.com/FortiGuardCenter/advisory/FG-2006-30.html http://www.fortinet.com/FortiGuardCenter/advisory/FGA-2007-01.html http://www.kb.cert.org/vuls/id/493185 http://www.osvdb.org/31249 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21952 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 93%CPEs: 11EXPL: 1

CVE-2007-0031 – Microsoft Excel - Malformed Palette Record Denial of Service (PoC) (MS07-002)

https://notcve.org/view.php?id=CVE-2007-0031

Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. Desbordamiento de búfer basado en pila en Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y v.X para Mac permite a un atacante remoto con la intervención de un usuario ejecutar código de su elección a través de una hoja de cálculo con un registro PALETTE que contiene un gran número de entradas. • https://www.exploit-db.com/exploits/3193 http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=461 http://securitytracker.com/id?1017487 http://www.kb.cert.org/vuls/id/625532 http://www.osvdb.org/31258 http://www.securityfocus.com/archive/1/457274/100/0/threaded http://www.securityfocus.com/bid/21922 http://www.us-cert.gov/cas/techalerts/TA07-009A.html http://www.vupen.com/english/advisories/2007/0103 https://docs.microsoft.com/en-us/security-updates •