CVSS: 9.3EPSS: 95%CPEs: 11EXPL: 0CVE-2010-0823
https://notcve.org/view.php?id=CVE-2010-0823
Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249. Vulnerabilidad no especificada en Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 y SP2; Office 2004 para mac; Office 2008 para Mac; Open XML File Format Converter para Mac; Office Excel Viewer SP1 y SP2; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP1 y SP2; permite a atacantes remotos ejecutar código de su elección a través de un fichero Excel manipulado, conocido como "Vulnerabilidad de corrupción de memoria Excel", una vulnerabilidad diferente que CVE-2010-1247 y CVE-2010-1249. • http://osvdb.org/65233 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7240 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 93%CPEs: 2EXPL: 2CVE-2010-1248 – Microsoft Excel - HFPicture Record Parsing Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-1248
Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability." Vulnerabilidad no específica en Microsoft Office Excel 2002 SP3 y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado Excel, conocido como "Vulnerabilidad de corrupción de memoria HFPicture Excel" • https://www.exploit-db.com/exploits/15019 https://www.exploit-db.com/exploits/15065 http://osvdb.org/65235 http://www.securityfocus.com/archive/1/511765/100/0/threaded http://www.securityfocus.com/bid/40526 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7223 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 94%CPEs: 4EXPL: 0CVE-2010-1249
https://notcve.org/view.php?id=CVE-2010-1249
Buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed ExternName (0x23) record, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0823 and CVE-2010-1247. Vulnerabilidad no especificada en Microsoft Office Excel 2002 SP3, Office 2004 para Mac, Office 2008 para Mac, y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar código de su elección a través de un fichero Excel manipulado, conocido como "Vulnerabilidad de corrupción de memoria Excel", una vulnerabilidad diferente que CVE-2010-0823 y CVE-2010-1247. • http://osvdb.org/65232 http://www.securityfocus.com/archive/1/511767/100/0/threaded http://www.securityfocus.com/bid/40527 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6634 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 95%CPEs: 4EXPL: 0CVE-2010-1250
https://notcve.org/view.php?id=CVE-2010-1250
Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with malformed (1) EDG (0x88) and (2) Publisher (0x89) records, aka "Excel EDG Memory Corruption Vulnerability." Vulnerabilidad no especificada en Microsoft Office Excel 2002 SP3, Office 2004 para Mac, Office 2008 para Mac, y Open XML File Format Converter para Mac permite a atacantes remotos ejecutar código de su elección a través de un fichero Excel debidamente modificado. Esta vulnerabilidad también es conocida como "Vulnerabilidad de corrupción de memoria EDG en Excel". • http://www.securityfocus.com/archive/1/511756/100/0/threaded http://www.securityfocus.com/bid/40528 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7593 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 57%CPEs: 2EXPL: 0CVE-2010-1251
https://notcve.org/view.php?id=CVE-2010-1251
Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Record Stack Corruption Vulnerability." Vulnerabilidad sin expecificar de Microsoft Office Excel 2002 SP3 y Office 2004 para Mac, permite a atacantes remotos ejecutar código a su elección a través de archivos Excel manipulados, también conocido como "Vulnerabilidad de corrupción del registro de pila de Excel". • http://www.securityfocus.com/bid/40529 http://www.us-cert.gov/cas/techalerts/TA10-159B.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-038 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6761 • CWE-94: Improper Control of Generation of Code ('Code Injection') •