11 matches found
CVE-2014-1758
CVE-2014-1758 is a Word 2003 SP3 vulnerability described in the initial entry as a stack-based buffer overflow that allows remote code execution via a crafted document (Microsoft Word Stack Overflow Vulnerability). Connected advisories/entries (Kaspersky and OpenVAS) corroborate that multiple Mic...
CVE-2013-3891
Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."...
CVE-2013-3855
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
Microsoft Excel CVE-2013-3159 XML Files Handling Information Disclosure Vulnerability
Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2003 SP3 Microsoft Excel 2007 SP3 Microsoft Excel 2010 SP1 32-bit editions...
CVE-2013-1319
Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."...
CVE-2013-1321
Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."...
CVE-2011-0097
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary cod...
Microsoft Word RTF解析引擎远程内存破坏漏洞(MS10-056)
BUGTRAQ ID: 42132 CVE ID: CVE-2010-1901 Word是微软Office套件中的文字处理工具。 在处理包含有某些控制字的RTF文档时,RTF解析引擎可能错误的从RTF文件读取值,导致内存破坏。成功利用此漏洞的攻击者可以获得与本地用户相同的权限。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 临时解决方法: 以纯文本格式阅读电子邮件。...
Microsoft Office COM对象验证远程代码执行漏洞(MS10-036)
BUGTRAQ ID: 40574 CVE ID: CVE-2010-1263 Microsoft Office是非常流行的办公软件套件。 Office中的组件在实例化对象时没有充分地验证COM对象,用户受骗打开了恶意的Excel、PowerPoint、Publisher、Visio 或Word文档就会导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office 2007 SP2 Microsoft Office 2007 SP1 Microsoft Office 2003 Service Pack 3 临时解决方法:...
Microsoft Word Record Parsing Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a remote stack-buffer overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Word '.doc' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running th...