CVE-2013-3906 – Microsoft Graphics Component Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2013-3906
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013. El componente GDI + de Microsoft Windows Vista SP2 y Server 2008 SP2, Office 2003 SP3, 2007 SP3 y 2010 SP1 y SP2, Office Compatibility Pack SP3 y Lync 2010, 2010 Attende, 2.013 y Basic 2013 permite a atacantes remotos ejecutar código arbitrario a través de una imagen TIFF manipulada, como se ha demuestrado por exploits relaizados en octubre y noviembre de 2013 al abrir una imagen en un documento Word. Microsoft Graphics Component contains a memory corruption vulnerability which can allow for remote code execution. • https://www.exploit-db.com/exploits/30011 http://blogs.mcafee.com/mcafee-labs/mcafee-labs-detects-zero-day-exploit-targeting-microsoft-office-2 http://blogs.technet.com/b/srd/archive/2013/11/05/cve-2013-3906-a-graphics-vulnerability-exploited-through-word-documents.aspx http://technet.microsoft.com/security/advisory/2896666 http://www.exploit-db.com/exploits/30011 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-096 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVE-2011-1269
https://notcve.org/view.php?id=CVE-2011-1269
Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory, which allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Memory Corruption RCE Vulnerability." Microsoft PowerPoint 2002 SP3, 2003 SP3, y 2007 SP2; Office 2004 y 2008 para Mac; Open XML File Format Converter for Mac; y Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2 hace llamadas a funciones no especificadas durante el parseo de archivos sin manejar adecuadamente la memoria, lo que permite a atacantes remotos ejecutar código de su elección a través de documentos PoerPoint manipulados, también conocido como "Presentation Memory Corruption RCE Vulnerability." • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12438 • CWE-20: Improper Input Validation •
CVE-2011-1270
https://notcve.org/view.php?id=CVE-2011-1270
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability." Desbordamiento de búfer en Microsoft PowerPoint 2002 Service Pack 3 y 2003 Service Pack 3, permite a atacantes remotos ejecutar código de su elección a través de un documento de PowerPoint manipulado, también conocido como "Vulnerabilidad RCE de saturación del búfer de la presentación." • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-036 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12256 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2011-0656 – Microsoft Office PowerPoint PersistDirectoryEntry Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2011-0656
Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, which triggers an exception and later use of an unspecified method, aka "Persist Directory RCE Vulnerability." PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, y 2010; Office 2004, 2008, y 2011 para Mac; Open XML File Format Converter para Mac; Office Compatibility Pack para Word, Excel, y PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; y PowerPoint Web App, de Microsoft, no comprueba apropiadamente los registros de PersistDirectoryEntry en documentos de PowerPoint, lo que permite a los atacantes remotos ejecutar código arbitrario o causar una denegación de servicio (corrupción de memoria) por medio de una Diapositiva con un registro malformado, lo que desencadena una excepción y luego el uso de un método no especificado, también se conoce como "Persist Directory RCE Vulnerability." This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within how the application handles an exception within the PersistDirectoryEntry records when loading a presentation. When an entry points to a container containing a Slide with a malformed record, the application will raise an exception during the loading of the record. • http://osvdb.org/71770 http://www.securityfocus.com/archive/1/517482/100/0/threaded http://www.securityfocus.com/bid/47251 http://www.securitytracker.com/id?1025340 http://www.us-cert.gov/cas/techalerts/TA11-102A.html http://www.vupen.com/english/advisories/2011/0941 http://www.zerodayinitiative.com/advisories/ZDI-11-125 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2011/ms11-022 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval • CWE-20: Improper Input Validation •
CVE-2010-2572 – Microsoft PowerPoint Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2010-2572
Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint 95 document, aka "PowerPoint Parsing Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft PowerPoint 2002 SP3 y 2003 SP3 permite a los atacantes remotos ejecutar código a su elección a través de documentos PowerPoint 95 manipulados, también conocido como "PowerPoint Parsing Buffer Overflow Vulnerability". Microsoft PowerPoint contains a buffer overflow vulnerability that alllows for remote code execution. • http://www.us-cert.gov/cas/techalerts/TA10-313A.html https://docs.microsoft.com/en-us/security-updates/securitybulletins/2010/ms10-088 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12195 • CWE-120: Buffer Copy without Checking Size of Input ('Classic Buffer Overflow') •