CVSS: 9.3EPSS: 92%CPEs: 13EXPL: 5CVE-2013-3906 – Microsoft Graphics Component Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2013-3906
06 Nov 2013 — GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013. El componente GDI + de Microsoft Windows Vista SP2 y Server 2008 SP2, Office 2003 SP3, 2007 SP3 y 2010 SP1 y SP2, Office Compatibility Pack SP3 ... • https://packetstorm.news/files/id/124203 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 49%CPEs: 7EXPL: 0CVE-2011-1269
https://notcve.org/view.php?id=CVE-2011-1269
13 May 2011 — Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory, which allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Memory Corruption RCE Vulnerability." Microsoft PowerPoint 2002 SP3, 2003 SP3, y 2007 SP2; Office 2004 y 20... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-036 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 35%CPEs: 2EXPL: 0CVE-2011-1270
https://notcve.org/view.php?id=CVE-2011-1270
13 May 2011 — Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability." Desbordamiento de búfer en Microsoft PowerPoint 2002 Service Pack 3 y 2003 Service Pack 3, permite a atacantes remotos ejecutar código de su elección a través de un documento de PowerPoint manipulado, también conocido como "Vulnerabilidad RCE de saturación del búfer de la presentación." • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-036 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 57%CPEs: 12EXPL: 0CVE-2011-0656 – Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0656
12 Apr 2011 — Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, w... • http://osvdb.org/71770 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 75%CPEs: 2EXPL: 0CVE-2010-2572 – Microsoft PowerPoint Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-2572
10 Nov 2010 — Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft PowerPoint 2002 SP3 y 2003 SP3 permite a los atacantes remotos ejecutar código a su elección a través de documentos PowerPoint 95 manipulados, también conocido como "PowerPoint Parsing Buffer Overflow Vulnerability". Microsoft PowerPoint contains a buffer overflow vuln... • http://www.us-cert.gov/cas/techalerts/TA10-313A.html • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •
CVSS: 9.3EPSS: 56%CPEs: 4EXPL: 0CVE-2010-2573 – Microsoft Office PowerPoint Unknown Animation Node Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2010-2573
09 Nov 2010 — Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability." Desbordamiento de entero en Microsoft PowerPoint 2002 SP3 y 2003 SP3, PowerPoint Viewer SP2, y Office 2004 para Mac permite a atacantes remotos ejecutar código de su elección a través de un documento PowerPoint manipulado, también conocida co... • http://www.us-cert.gov/cas/techalerts/TA10-313A.html • CWE-189: Numeric Errors •
CVSS: 9.3EPSS: 62%CPEs: 2EXPL: 0CVE-2010-0030
https://notcve.org/view.php?id=CVE-2010-0030
10 Feb 2010 — Heap-based buffer overflow in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint LinkedSlideAtom Heap Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office PowerPoint 2002 SP3 y 2003 SP3, permite a atacantes remotos ejecutar código de su elección a través de un documento PowerPoint manipulado. También se conoce como "Vulnerabilidad de Desbordamiento de Pila de PowerPoint LinkedSl... • http://www.securitytracker.com/id?1023563 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 57%CPEs: 3EXPL: 0CVE-2010-0031
https://notcve.org/view.php?id=CVE-2010-0031
10 Feb 2010 — Array index error in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3, and PowerPoint in Office 2004 for Mac, allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint OEPlaceholderAtom 'placementId' Invalid Array Indexing Vulnerability." Error de indexación en Microsoft Office PowerPoint 2002 SP3 y 2003 SP3, y PowerPoint en Office 2004 para Mac, permite a atacantes remotos ejecutar código de su elección a través de un documento powerpoint modificado. También cono... • http://www.securitytracker.com/id?1023563 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 52%CPEs: 2EXPL: 0CVE-2010-0032
https://notcve.org/view.php?id=CVE-2010-0032
10 Feb 2010 — Use-after-free vulnerability in Microsoft Office PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "OEPlaceholderAtom Use After Free Vulnerability." Vulnerabilidad de uso después de la liberación en Microsoft Office PowerPoint 2002 SP3 y 2003 SP3, permite a atacantes remotos ejecutar código de su elección a través de un documento Power Point manipulado. También se conoce como "Vulnerabilidad de uso después de la liberación OEPlaceholder... • http://www.securitytracker.com/id?1023563 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 62%CPEs: 1EXPL: 0CVE-2010-0034
https://notcve.org/view.php?id=CVE-2010-0034
10 Feb 2010 — Stack-based buffer overflow in Microsoft Office PowerPoint 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Office PowerPoint Viewer TextCharsAtom Record Stack Overflow Vulnerability." Desbordamiento de búfer basado en pila en Microsoft Office PowerPoint 2003 SP3, permite a atacantes remotos ejecutar código de su elección a través de un documento Power Point manipulado. También se conoce como "Vulnerabilidad de Desbordamiento de Registro de Pila del Visor de... • http://www.securitytracker.com/id?1023563 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •