Lucene search
+L

73 matches found

cvelist
cvelist
added 2007/03/20 10:0 a.m.27 views

CVE-2007-1512

Stack-based buffer overflow in the AfxOleSetEditMenu function in the MFC component in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 Gold and SP1, and Visual Studio .NET 2002 Gold and SP1, and 2003 Gold and SP1 allows user-assisted remote attackers to have an unknown impact probably crash vi...

6.9AI score0.1133EPSS
Exploits0References1
seebug
seebug
added 2007/03/01 12:0 a.m.14 views

Microsoft Windows MFC嵌入OLE对象内存破坏漏洞(MS07-012)

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows提供的MFC组件中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时,就可能导致内存破坏,在用户系统上执行任意代码。 成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。要利用此漏洞,需要进行用大量的户交互。 Microsoft Windows XP SP2 Microsoft Windows Server...

7.5AI score
Exploits0
seebug
seebug
added 2007/03/01 12:0 a.m.35 views

Microsoft Office和Windows RichEdit组件内存破坏漏洞(MS07-014)

Microsoft Windows是微软发布的非常流行的操作系统。 Microsoft Windows和Microsoft Office所捆绑的RichEdit组件中存在一个远程执行代码漏洞。中存在一个远程执行代码漏洞。当用户与RTF文件中的畸形嵌入OLE对象进行交互时,就可能导致内存破坏,在用户系统上执行任意代码。 成功利用此漏洞的攻击者可以完全控制受影响的系统。攻击者可随后安装程序;查看、更改或删除数据;或者创建拥有完全用户权限的新帐户。那些帐户被配置为拥有较少系统用户权限的用户比具有管理用户权限的用户受到的影响要小。要利用此漏洞,需要进行用大量的户交互。 Microsoft...

7.5AI score
Exploits0
cert
cert
added 2007/02/14 12:0 a.m.43 views

Microsoft MFC component vulnerable to remote code execution via malformed embedded OLE object

Overview A memory corruption vulnerability exists in the MFC component that is provided with Microsoft Windows and Visual Studio Description The Microsoft Foundation Class Library MFC, is a Microsoft library that wraps parts of the Windows API in C++ classes. MFC is included in Microsoft Visual...

9.3CVSS7.2AI score0.36509EPSS
Exploits0References10
cert
cert
added 2007/02/14 12:0 a.m.45 views

Microsoft RichEdit vulnerable to remote code execution via malformed embedded OLE object

Overview Microsoft's RichEdit contains a vulnerability that may allow an attacker to execute code. Description From Murray Sargent's MSDN blog:RichEdit 6.0 is a facility for getting plain/rich-text, single/multiline Unicode/ANSI edit controls and combo/list boxes in single world-wide binary that...

9.3CVSS7.5AI score0.31102EPSS
Exploits0References9
prion
prion
added 2007/02/13 8:28 p.m.21 views

Stack overflow

The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a...

9.3CVSS8.1AI score0.36509EPSS
Exploits0References9Affected Software2
prion
prion
added 2007/02/13 8:28 p.m.25 views

Memory corruption

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an R...

9.3CVSS7.8AI score0.31102EPSS
Exploits0References11Affected Software3
nvd
nvd
added 2007/02/13 8:28 p.m.29 views

CVE-2007-0025

The MFC component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 and Visual Studio .NET 2000, 2002 SP1, 2003, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. NOTE: this might be due to a...

9.3CVSS7.7AI score0.36509EPSS
Exploits0References9
prion
prion
added 2007/02/13 8:28 p.m.20 views

Memory corruption

The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption...

7.6CVSS7.8AI score0.24644EPSS
Exploits0References9Affected Software1
cve
cve
added 2007/02/13 8:0 p.m.67 views

CVE-2006-1311

CVE-2006-1311 is a remote code execution vulnerability in Microsoft RichEdit. The RichEdit components in Windows 2000 SP4, XP SP2, 2003 SP1 and Office suites (2000 SP3, XP SP3, 2003 SP2) plus Office for Mac 2004 and Learning Essentials are affected. The flaw arises from insufficient validation wh...

9.3CVSS7.4AI score0.31102EPSS
Exploits0References11Affected Software2
cvelist
cvelist
added 2007/02/13 8:0 p.m.28 views

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an R...

7.5AI score0.31102EPSS
Exploits0References11
securityvulns
securityvulns
added 2007/02/13 12:0 a.m.51 views

Microsoft Windows RiсhEdit control memory corruption

Memory corruption in RF-enbedded OLE object can be used for hidden malware installation...

9.3CVSS1.9AI score0.31102EPSS
Exploits0References1
nvd
nvd
added 2004/08/18 4:0 a.m.24 views

CVE-2004-0503

Microsoft Outlook 2003 allows remote attackers to bypass the default zone restrictions and execute script within media files via a Rich Text Format RTF message containing an OLE object for the Windows Media Player, which bypasses Media Player's setting to disallow scripting and may lead to...

5CVSS6.4AI score0.11445EPSS
Exploits1References6
Rows per page
Query Builder