CVSS: 9.3EPSS: 81%CPEs: 6EXPL: 1CVE-2011-0978 – Microsoft Office Excel Axis Properties Record Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0978
07 Feb 2011 — Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office Excel permite a atacantes remotos ejecutar código de su elecci... • https://www.exploit-db.com/exploits/17227 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 11EXPL: 0CVE-2011-0979 – Microsoft Office Excel Office Art Object Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0979
07 Feb 2011 — Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." Excel 2002 SP3, 2003 SP3, 2007 SP2 y 2010; Office 2004, 2008 y 2011 para Mac; Open XML File For... • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 60%CPEs: 6EXPL: 0CVE-2011-0980 – Microsoft Office Excel 2003 Invalid Object Type Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0980
07 Feb 2011 — Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability." Microsoft Office Excel 2003 no parsea correctamente objetos Office Art, lo que permite a atacantes remotos ejecutar código arbitrario a través de vectores relacionados con un puntero a función. This vulnerability al... • http://dvlabs.tippingpoint.com/blog/2011/02/07/zdi-disclosure-microsoft • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 59%CPEs: 3EXPL: 0CVE-2010-3945
https://notcve.org/view.php?id=CVE-2010-3945
16 Dec 2010 — Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability." Desbordamiento del búfer en el convertidor de imágenes CGM de los filtros gráficos de Microsoft Office XP SP3, Office 2003 SP3, y Office Converter Pack permite a atacantes remotos ejecutar código de su elección mediante u... • http://www.securitytracker.com/id?1024887 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 64%CPEs: 3EXPL: 0CVE-2010-3946
https://notcve.org/view.php?id=CVE-2010-3946
16 Dec 2010 — Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability." Desbordamiento de enteros en el convertidor de imágenes PICT en los filtros de gráficos en Microsoft Office XP SP3, Office 2003 SP3 y Office Converter Pack permite a atacantes remotos ejecutar código arbitrario a tr... • http://www.securitytracker.com/id?1024887 • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 6CVE-2010-3333 – Microsoft Office Stack-based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-3333
10 Nov 2010 — Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011 y Open XML File Format Converter... • https://www.exploit-db.com/exploits/18334 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 64%CPEs: 8EXPL: 0CVE-2010-3334
https://notcve.org/view.php?id=CVE-2010-3334
10 Nov 2010 — Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac... • http://secunia.com/advisories/38521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 56%CPEs: 4EXPL: 0CVE-2010-2573 – Microsoft Office PowerPoint Unknown Animation Node Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2573
09 Nov 2010 — Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability." Desbordamiento de entero en Microsoft PowerPoint 2002 SP3 y 2003 SP3, PowerPoint Viewer SP2, y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección a través de un documento PowerPoint manipulado, también conocida co... • http://www.us-cert.gov/cas/techalerts/TA10-313A.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 66%CPEs: 8EXPL: 0CVE-2010-3335 – Microsoft Excel MSODrawing Improper Exception Handling Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-3335
09 Nov 2010 — Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Drawing Exception Handling Vulnerability." Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 y 2008 para Mac, Office para Mac 2011, y Open XML File Format Converter para Mac permite a atacantes r... • http://secunia.com/advisories/38521 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 58%CPEs: 12EXPL: 0CVE-2010-3214
https://notcve.org/view.php?id=CVE-2010-3214
13 Oct 2010 — Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, y 2010; Office 2004 y... • http://www.securityfocus.com/archive/1/514302/100/0/threaded • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •