25 matches found
CVE-2014-1758
CVE-2014-1758 is a Word 2003 SP3 vulnerability described in the initial entry as a stack-based buffer overflow that allows remote code execution via a crafted document (Microsoft Word Stack Overflow Vulnerability). Connected advisories/entries (Kaspersky and OpenVAS) corroborate that multiple Mic...
CVE-2013-3891
Microsoft Word 2003 SP3 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Memory Corruption Vulnerability."...
CVE-2013-3848
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory...
CVE-2013-3851
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
CVE-2013-3855
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
CVE-2013-3856
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
Microsoft Word CVE-2013-3855 Remote Memory Corruption Vulnerability
Description Microsoft Word is prone to a remote memory-corruption vulnerability. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial-of-service conditions. Technologies Affected Microsoft...
Microsoft Excel CVE-2013-3159 XML Files Handling Information Disclosure Vulnerability
Description Microsoft Excel is prone to an information-disclosure vulnerability. Attackers can exploit this issue to obtain sensitive information that may aid in further attacks. Technologies Affected Microsoft Excel 2003 SP3 Microsoft Excel 2007 SP3 Microsoft Excel 2010 SP1 32-bit editions...
CVE-2013-1321
Microsoft Publisher 2003 SP3 does not properly check the data type of an unspecified return value, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Validation Vulnerability."...
CVE-2013-1319
Microsoft Publisher 2003 SP3 does not properly check the return value of an unspecified method, which allows remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Return Value Handling Vulnerability."...
CVE-2011-3412
Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, allows remote attackers to execute arbitrary code via a crafted Publisher file that leverages incorrect memory handling, aka "Publisher Memory Corruption Vulnerability."...
CVE-2011-0097
Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary cod...
Microsoft Word 2003 'MSO.dll' Null Pointer Dereference Vulnerability
Microsoft Word is prone to null pointer dereference vulnerability. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Microsoft Word sprmCMajority记录解析栈溢出漏洞(MS10-056)
BUGTRAQ ID: 42136 CVE ID: CVE-2010-1900 Word是微软Office套件中的文字处理工具。 在解析Word文档中的sprmCMajority记录时,由于处理sprmCMajority sprm组没有对参数执行检查,攻击者可以控制写入到栈缓冲区中的数据数量,触发栈溢出。成功利用此漏洞的攻击者可完全控制受影响的系统。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Wo...
Microsoft Word RTF解析引擎远程内存破坏漏洞(MS10-056)
BUGTRAQ ID: 42132 CVE ID: CVE-2010-1901 Word是微软Office套件中的文字处理工具。 在处理包含有某些控制字的RTF文档时,RTF解析引擎可能错误的从RTF文件读取值,导致内存破坏。成功利用此漏洞的攻击者可以获得与本地用户相同的权限。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Word 2002 SP3 临时解决方法: 以纯文本格式阅读电子邮件。...
CVE-2010-1881
The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or...
Microsoft Office COM对象验证远程代码执行漏洞(MS10-036)
BUGTRAQ ID: 40574 CVE ID: CVE-2010-1263 Microsoft Office是非常流行的办公软件套件。 Office中的组件在实例化对象时没有充分地验证COM对象,用户受骗打开了恶意的Excel、PowerPoint、Publisher、Visio 或Word文档就会导致执行任意代码。 Microsoft Office XP SP3 Microsoft Office 2007 SP2 Microsoft Office 2007 SP1 Microsoft Office 2003 Service Pack 3 临时解决方法:...
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption
Added: 02/12/2010 CVE: CVE-2010-0031 BID: 38103 OSVDB: 62237 Background Microsoft PowerPoint is presentation software included in the Microsoft Office desktop suite. Problem A memory corruption vulnerability allows command execution when a user opens a PowerPoint file containing an...
Memory corruption
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache...
Microsoft Word Record Parsing Remote Stack Buffer Overflow Vulnerability
Description Microsoft Word is prone to a remote stack-buffer overflow vulnerability. Attackers can exploit this issue by enticing victims into opening a specially crafted Word '.doc' file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running th...