CVSS: 9.3EPSS: 31%CPEs: 8EXPL: 0CVE-2007-3890
https://notcve.org/view.php?id=CVE-2007-3890
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption. Microsoft Excel en Office 2000 SP3, Office XP SP3, Office 2003 SP2, y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección mediante un Espacio de Trabajo (Workspace) con un determinado valor de índice que dispara una corrupción de memoria. • http://secunia.com/advisories/26145 http://www.securityfocus.com/bid/25280 http://www.securitytracker.com/id?1018561 http://www.us-cert.gov/cas/techalerts/TA07-226A.html http://www.vupen.com/english/advisories/2007/2868 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2149 •
CVSS: 9.3EPSS: 72%CPEs: 10EXPL: 0CVE-2007-1756
https://notcve.org/view.php?id=CVE-2007-1756
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability". Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, y Office Excel 2007 no valida de forma adecuada la información de la versión, lo cual permite a atacantes remotos con la intervención del usuario ejecutar código de su elección a través de archivos Excel manipulados, también conocido como "Vulnerabilidad de calculo error". • http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html http://osvdb.org/35957 http://secunia.com/advisories/25995 http://www.securityfocus.com/bid/24801 http://www.securitytracker.com/id?1018352 http://www.us-cert.gov/cas/techalerts/TA07-191A.html http://www.vupen.com/english/advisories/2007/2478 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036 https://exchange.xforce.ibmcloud.com/vulnerabilities/35210 https://oval.cisecurity.org/repo •
CVSS: 9.3EPSS: 80%CPEs: 4EXPL: 0CVE-2007-3029
https://notcve.org/view.php?id=CVE-2007-3029
Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption. Vulnerabilidad sin especificar en el Microsoft Excel 2002 SP3 y 2003 SP2 permite a atacantes con la intervención del usuario ejecutar código de su elección a través de un fichero Excel mal formado que contiene múltiples hojas de trabajo activas, lo que provoca una corrupción de memoria. • http://archive.cert.uni-stuttgart.de/bugtraq/2007/07/msg00254.html http://osvdb.org/35958 http://secunia.com/advisories/25995 http://www.securityfocus.com/bid/22555 http://www.securitytracker.com/id?1018352 http://www.us-cert.gov/cas/techalerts/TA07-191A.html http://www.vupen.com/english/advisories/2007/2478 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-036 https://exchange.xforce.ibmcloud.com/vulnerabilities/35215 https://oval.cisecurity.org/repo •
CVSS: 9.3EPSS: 92%CPEs: 5EXPL: 0CVE-2007-1747
https://notcve.org/view.php?id=CVE-2007-1747
Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. Vulnerabilidad no especificada en MSO.dll en Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 para Mac, y 2007 permite a atacantes con la intervención del usuario ejecutar código de su elección a través de objeto de dibujo malformado, lo cual disparar una corrupción de memoria. • http://secunia.com/advisories/25178 http://www.kb.cert.org/vuls/id/853184 http://www.osvdb.org/34396 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23826 http://www.securitytracker.com/id?1018014 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1710 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-025 https://exchange.xforce.ibmcloud.com/vulne • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 85%CPEs: 8EXPL: 0CVE-2007-0035
https://notcve.org/view.php?id=CVE-2007-0035
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability." Word (o Word Viewer) en Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 para Mac, y Works Suite 2004, 2005 y 2006 no manejan apropiadamente los datos en una determinada matriz, lo que permite a atacantes remotos asistidos por el usuario ejecutar código arbitrario, también se conoce como "Word Array Overflow Vulnerability." • http://www.kb.cert.org/vuls/id/260777 http://www.osvdb.org/34387 http://www.securityfocus.com/archive/1/468871/100/200/threaded http://www.securityfocus.com/bid/23804 http://www.securitytracker.com/id?1018013 http://www.us-cert.gov/cas/techalerts/TA07-128A.html http://www.vupen.com/english/advisories/2007/1709 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-024 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Ade • CWE-20: Improper Input Validation •