129 results (0.003 seconds)

CVSS: 9.3EPSS: 79%CPEs: 22EXPL: 1

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft SharePoint Server 2007 SP3, 2010 SP1 y SP2, y 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office para Mac 2011; Excel Viewer; y Office Compatibility Pack SP3 permiten a un atacante remoto ejecutar código a discrección o causar una denegación de servicio (corrupción de memoria), a través de un documento Office manipulado, tambien conocida como "Vulnerabilidad de Corrupción de Memoria en Microsoft Office". • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-067 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18333 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18543 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18950 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 4.3EPSS: 10%CPEs: 6EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." Microsoft Excel 2003 SP3, 2007 SP3 y 2010 SP1 y SP2; Excel Viewer; yMicrosoft Office Compatibility Pack SP3 permite a atacantes remotos leer ficheros arbitrarios a través de un documento XML conteniendo una declaración de entidad externa en conjunción con una referencia de entidad, relacionado con un problema XMLExternal Entity (XXE) , conocido como como "Viulnerabilidad de Resolución de Entidades Externas de XML" • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18686 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 70%CPEs: 2EXPL: 0

Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel 2003 SP3 y 2007 SP3 permiten a atacantes remotos ejecutar código arbitrario o causar denegación de servicio (corrupción de memoria) a través de un documento Office manipulado, también conocido como "Vulnerabilidad de Corrupción de Memoria en Microsoft Office". • http://www.us-cert.gov/ncas/alerts/TA13-253A https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A18984 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 94%CPEs: 8EXPL: 0

Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 SP1; Excel Viewer; y Office Compatibility Pack SP2 y SP3 permite a atacantes remotos a ejecutar código provocar una denegación de servicio (corrupción de memoria) a través de una hoja de cálculo manipulada, también conocido como "Excel Memory Corruption Vulnerability." • http://www.securityfocus.com/bid/56426 http://www.securitytracker.com/id?1027752 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://exchange.xforce.ibmcloud.com/vulnerabilities/78073 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15927 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 94%CPEs: 9EXPL: 0

Heap-based buffer overflow in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Office 2008 and 2011 for Mac; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SerAuxErrBar Heap Overflow Vulnerability." Desbordamiento de búfer basado en memoria dinámica en Microsoft Excel 2003 SP3, 2007 SP2 y SP3, y 2010 SP1; Office 2008 y 2011 para Mac; y Office Compatibility Pack SP2 y SP3 ,permite a atacantes remotos ejecutar código arbitrario mediante una hoja de cálculo manipulada.También conocido como "Excel SerAuxErrBar Heap Overflow Vulnerability." • http://www.securityfocus.com/bid/56425 http://www.securitytracker.com/id?1027752 http://www.us-cert.gov/cas/techalerts/TA12-318A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-076 https://exchange.xforce.ibmcloud.com/vulnerabilities/78072 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15752 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A15916 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •