CVE-2014-3802 – Microsoft DIA SDK msdia.dll Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2014-3802
msdia.dll in Microsoft Debug Interface Access (DIA) SDK, as distributed in Microsoft Visual Studio before 2013, does not properly validate an unspecified variable before use in calculating a dynamic-call address, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted PDB file. msdia.dll en Microsoft Debug Interface Access (DIA) SDK, distribuido en Microsoft Visual Studio anterior a 2013, no valida debidamente una variable no especificada antes de utilizarla para calcular una dirección de llamada dinámica, lo que permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un archivo PDB manipulado. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Debug Interface Access SDK. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of PDB files. The issue lies in a failure to sanitize a value which is then used in the calculation of an address for a dynamic call. An attacker can leverage this vulnerability to execute code under the context of the current process. • http://www.securityfocus.com/bid/67398 http://zerodayinitiative.com/advisories/ZDI-14-129 • CWE-20: Improper Input Validation •
CVE-2010-1881
https://notcve.org/view.php?id=CVE-2010-1881
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka "ACCWIZ.dll Uninitialized Variable Vulnerability." El control FieldList ActiveX en Microsoft Access Wizard Controls en ACCWIZ.dll en Microsoft Office Access 2003 SP3 no interactúa correctamente con el acceso a memoria empleado por Internet Explorer y Office durante la instanciación, el cual permite a atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) a través de un documento HTML que hace referencia a este control junto con el almacenamiento de datos persistentes manipulado, también conocido como vulnerabilidad "ACCWIZ.DLL variable sin inicializar". • http://www.us-cert.gov/cas/techalerts/TA10-194A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11756 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2010-0814 – Microsoft Office Access AccWizObjects ActiveX Control Uninitialized Imports Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-0814
The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability." El Microsoft Access Wizard Controls en ACCWIZ.dll en Microsoft Office Access 2003 SP3 y 2007 SP1 y SP2 no interactúa correctamente con la asignación de memoria usada por Internet Explorer durante la instanciación, el cual permite a atacantes remotos ejecutar código arbitrario mediante un sitio web que referencia múltiples controles ActiveX, como lo demuestra los controles ImexGrid y FieldList, también conocido como "Vulnerabilidad de control de acceso ActiveX". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. User interaction is required in that a user must browse to a malicious website. The specific flaws exists in the instantiation of three specific ActiveX controls. The combination of loading all three controls in a particular order results in a transfer of control to unallocated memory which can be leveraged by remote attackers to execute arbitrary code under the context of the currently logged in user. • http://www.us-cert.gov/cas/techalerts/TA10-194A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-044 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11907 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2008-2248
https://notcve.org/view.php?id=CVE-2008-2248
Cross-site scripting (XSS) vulnerability in Outlook Web Access (OWA) for Exchange Server 2003 SP2 allows remote attackers to inject arbitrary web script or HTML via unspecified HTML, a different vulnerability than CVE-2008-2247. La vulnerabilidad de tipo Cross-site scripting (XSS) en Outlook Web Access (OWA) para Exchange Server 2003 SP2, permite a atacantes remotos inyectar script web o HTML por medio de HTML no especificado, una vulnerabilidad diferente a la CVE-2008-2247. • http://secunia.com/advisories/30964 http://www.securityfocus.com/bid/30078 http://www.securitytracker.com/id?1020439 http://www.us-cert.gov/cas/techalerts/TA08-190A.html http://www.vupen.com/english/advisories/2008/2021/references https://docs.microsoft.com/en-us/security-updates/securitybulletins/2008/ms08-039 https://exchange.xforce.ibmcloud.com/vulnerabilities/43329 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5695 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2008-3068
https://notcve.org/view.php?id=CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. Microsoft Crypto API 5.131.2600.2180 hasta la 6.0, como las usadas en Outlook, Windows Live Mail, y Office 2007, realiza una lista de revocación de certificado (CRL) utilizando una URL arbitraria de un certificado incluido en (1) mensaje de correo electrónico S/MIME o (2) documento firmado, lo que permite a atacantes remotos conseguir tiempos de lectura y direcciones IP de recipientes, y resultados de escaneo de puerto, a través de un certificado manipulado con una extensión de de una Authority Information Access (AIA). • http://securityreason.com/securityalert/3978 http://www.securityfocus.com/archive/1/493947/100/0/threaded http://www.securityfocus.com/archive/1/494101/100/0/threaded http://www.securityfocus.com/bid/28548 http://www.securitytracker.com/id?1019736 http://www.securitytracker.com/id?1019737 http://www.securitytracker.com/id?1019738 https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt https://www.cynops.de/advisories/AK •