Page 7 of 47 results (0.015 seconds)

CVSS: 7.5EPSS: 48%CPEs: 22EXPL: 0

CVE-2004-0848

https://notcve.org/view.php?id=CVE-2004-0848

Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. • http://www.kb.cert.org/vuls/id/416001 http://www.us-cert.gov/cas/techalerts/TA05-039A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-005 https://exchange.xforce.ibmcloud.com/vulnerabilities/19107 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2348 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2738 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A40 •

CVSS: 10.0EPSS: 27%CPEs: 1EXPL: 0

CVE-2004-0963

https://notcve.org/view.php?id=CVE-2004-0963

Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values. • http://marc.info/?l=bugtraq&m=109716247230733&w=2 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2005/ms05-023 https://exchange.xforce.ibmcloud.com/vulnerabilities/17635 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1795 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2105 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2216 https://oval.cisecurity.org/repository/search •

CVSS: 9.3EPSS: 95%CPEs: 43EXPL: 6

CVE-2004-0200 – Microsoft Windows - JPEG Processing Buffer Overrun (MS04-028)

https://notcve.org/view.php?id=CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Desbordamiento de búfer en el motor de proceso de JPEG (JPG) en GDIPlus.dll, usado en varios productos de Microsoft, permite a atacantes remotos ejecutar código de su elección mediante un campo de longitud JPEG COM pequeño que es normalizado a una longitud de entero grande antes de una operación de copia de memoria. • https://www.exploit-db.com/exploits/474 https://www.exploit-db.com/exploits/556 https://www.exploit-db.com/exploits/475 https://www.exploit-db.com/exploits/478 https://www.exploit-db.com/exploits/472 https://www.exploit-db.com/exploits/480 http://marc.info/?l=bugtraq&m=109524346729948&w=2 http://www.kb.cert.org/vuls/id/297462 http://www.us-cert.gov/cas/techalerts/TA04-260A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms •

CVSS: 7.5EPSS: 93%CPEs: 16EXPL: 0

CVE-2004-0573

https://notcve.org/view.php?id=CVE-2004-0573

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. Desbordamiento de búfer en el convertidor de Microsoft WordPerfect 5.x en Office 2000, Office XP, Offiece 2003 y las suites Works 2001 a 2004 permite a atacantes remotos ejecutar código de su elección mediante un documento o un sitio web malicioso. • http://marc.info/?l=bugtraq&m=109519646030906&w=2 http://secunia.com/advisories/12529 http://securitytracker.com/id?1011249 http://securitytracker.com/id?1011250 http://securitytracker.com/id?1011251 http://securitytracker.com/id? •

CVSS: 7.5EPSS: 10%CPEs: 27EXPL: 0

CVE-2003-0820

https://notcve.org/view.php?id=CVE-2003-0820

Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. Micrososft Word 97, 98(J), 2000 y 2002, y Micrososft Works Suites 2001 a 2004, no comprueban adecuadamente la longitud de valor de datos "Macro Names", lo que podría permitir a atacantes remotos ejecutar código arbitrario mediante un ataque de desbordamiento de búfer. • http://archives.neohapsis.com/archives/bugtraq/2003-10/0163.html http://www.security.nnov.ru/search/document.asp?docid=5243 http://www.securityfocus.com/bid/8835 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2003/ms03-050 https://exchange.xforce.ibmcloud.com/vulnerabilities/13682 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A336 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A585 https://oval.cisecur •