CVSS: 9.3EPSS: 58%CPEs: 8EXPL: 0CVE-2010-1902
https://notcve.org/view.php?id=CVE-2010-1902
11 Aug 2010 — Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via unspecified properties in the data in a crafted RTF document, aka "Word RTF Parsing Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft Office Word 2002 SP3, 2003 SP3, y 2007 SP2; Mi... • http://www.us-cert.gov/cas/techalerts/TA10-222A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 56%CPEs: 5EXPL: 0CVE-2010-2562
https://notcve.org/view.php?id=CVE-2010-2562
11 Aug 2010 — Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel file, aka "Excel Memory Corruption Vulnerability." Microsoft Office Excel 2002 SP3 y 2003 SP3, Office 2004 y 2008 para Mac, y Open XML File Format Converter para Mac no parsea adecuadamente el formato de archivo Excel, lo q... • http://www.us-cert.gov/cas/techalerts/TA10-222A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 50%CPEs: 9EXPL: 1CVE-2010-1900 – Microsoft Office Word sprmCMajority Record Parsing Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-1900
11 Aug 2010 — Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability." Microsoft Office Word 2002 SP3, 2003 SP3... • https://www.exploit-db.com/exploits/14971 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 83%CPEs: 8EXPL: 2CVE-2010-0266 – Microsoft Outlook - 'ATTACH_BY_REF_ONLY' File Execution (MS10-045)
https://notcve.org/view.php?id=CVE-2010-0266
14 Jul 2010 — Microsoft Office Outlook 2002 SP3, 2003 SP3, and 2007 SP1 and SP2 does not properly verify e-mail attachments with a PR_ATTACH_METHOD property value of ATTACH_BY_REFERENCE, which allows user-assisted remote attackers to execute arbitrary code via a crafted message, aka "Microsoft Outlook SMB Attachment Vulnerability." Microsoft Office Outlook 2002 SP3, 2003 SP3, y 2007 SP1 y SP2 no verifica correctamente adjuntos en correo electrónico con un valor adecuado PR_ATTACH_METHOD de ATTACH_BY_REFERENCE, el cual pe... • https://www.exploit-db.com/exploits/16700 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 10.0EPSS: 61%CPEs: 6EXPL: 0CVE-2010-0814 – Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0814
13 Jul 2010 — The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability." El Microsoft Access Wizard Controls en ACCWIZ.dll en Microsoft Office Access 2003... • http://www.us-cert.gov/cas/techalerts/TA10-194A.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 80%CPEs: 4EXPL: 3CVE-2010-0822 – Microsoft Excel - Malformed OBJ Record Handling Overflow (MS11-038)
https://notcve.org/view.php?id=CVE-2010-0822
08 Jun 2010 — Stack-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a crafted OBJ (0x5D) record, aka "Excel Object Stack Overflow Vulnerability." Microsoft Office Excel 2002 SP3, Office 2004 para Mac, Office 2008 para Mac, y el Conversor de Formatos de Ficheros Open XML -Open XML File Format Converter- para Mac, permite a atacantes remotos ejecutar código ... • https://www.exploit-db.com/exploits/18143 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 57%CPEs: 11EXPL: 0CVE-2010-0823
https://notcve.org/view.php?id=CVE-2010-0823
08 Jun 2010 — Unspecified vulnerability in Microsoft Office Excel 2002 SP3, 2003 SP3, 2007 SP1 and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via a crafted Excel file, aka "Excel Memory Corruption Vulnerability," a different vulnerability than CVE-2010-1247 and CVE-2010-1249. Vulnerabilidad no especificad... • http://osvdb.org/65233 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 61%CPEs: 2EXPL: 1CVE-2010-0824 – Microsoft Excel - WOPT Record Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2010-0824
08 Jun 2010 — Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245. Vulnerabilidad no especificada en Microsoft Office Excel 2002 SP3 y Office 2004 para Mac permite a atacantes remotos ejecutar código a su elección a través de archivos de Excel manipulados, también conocid... • https://www.exploit-db.com/exploits/15065 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 61%CPEs: 4EXPL: 1CVE-2010-1245 – Microsoft Excel - SxView Record Parsing Heap Memory Corruption
https://notcve.org/view.php?id=CVE-2010-1245
08 Jun 2010 — Unspecified vulnerability in Microsoft Office Excel 2002 SP3, Office 2004 for Mac, Office 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed SxView (0xB0) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0824 and CVE-2010-0821. Vulnerabilidad no especificada en Microsoft Office Excel 2002 SP3, Office 2004 para Mac, Office 2008 para Mac, y Open XML File Format Converte... • https://www.exploit-db.com/exploits/15148 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 62%CPEs: 2EXPL: 2CVE-2010-1248 – Microsoft Excel - HFPicture Record Parsing Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-1248
08 Jun 2010 — Buffer overflow in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed HFPicture (0x866) record, aka "Excel HFPicture Memory Corruption Vulnerability." Vulnerabilidad no específica en Microsoft Office Excel 2002 SP3 y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección a través de un fichero manipulado Excel, conocido como "Vulnerabilidad de corrupción de memoria HFPicture Excel" • https://www.exploit-db.com/exploits/15019 • CWE-94: Improper Control of Generation of Code ('Code Injection') •