Lucene search
K

4128 matches found

CERT
CERT
added 2007/05/08 12:0 a.m.52 views

Microsoft Word fails to properly process crafted array data

Overview Microsoft Word contains a remote code execution vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Word fails to properly handle malformed data within an array. When a Word file is opened, Word...

9.3CVSS7.4AI score0.32093EPSS
Exploits0References1
Prion
Prion
added 2007/04/24 8:19 p.m.27 views

Code injection

The ADIBINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FNDDOCUMENTS table via the ADIDISPLAYREPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is relat...

7.8CVSS6.4AI score0.02527EPSS
Exploits0References6
NVD
NVD
added 2007/04/24 8:19 p.m.23 views

CVE-2007-2135

The ADIBINARY component in the Oracle E-Business Suite allows remote attackers to download arbitrary documents from the APPS.FNDDOCUMENTS table via the ADIDISPLAYREPORT function, when passed a certain parameter. NOTE: due to lack of details from Oracle, it is not clear whether this issue is relat...

7.8CVSS6.1AI score0.0206EPSS
Exploits0References6
NVD
NVD
added 2007/04/10 11:19 p.m.18 views

CVE-2007-1911

Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service CPU consumption via crafted documents, as demonstrated by 1 file798-1.doc and 2 file613-1.doc, possibly related to a buffer overflow...

7.1CVSS7.2AI score0.11922EPSS
Exploits0References1
Prion
Prion
added 2007/04/10 11:19 p.m.21 views

Buffer overflow

Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service CPU consumption via crafted documents, as demonstrated by 1 file798-1.doc and 2 file613-1.doc, possibly related to a buffer overflow...

7.1CVSS7.7AI score0.11922EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2007/04/10 11:0 p.m.26 views

CVE-2007-1911

Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service CPU consumption via crafted documents, as demonstrated by 1 file798-1.doc and 2 file613-1.doc, possibly related to a buffer overflow...

7.2AI score0.11922EPSS
Exploits0References1
CVE
CVE
added 2007/04/10 11:0 p.m.55 views

CVE-2007-1911

CVE-2007-1911 affects Microsoft Word 2007. The connected documents describe multiple unspecified vulnerabilities that allow remote attackers to cause a denial of service (CPU exhaustion) by parsing crafted documents (e.g., file798-1.doc and file613-1.doc), with a possible relation to a buffer ove...

7.1CVSS7.2AI score0.11922EPSS
Exploits0References1Affected Software1
VulnCheck KEV
VulnCheck KEV
added 2007/04/10 12:0 a.m.4 views

VulnCheck KEV: CVE-2007-1938

Ichitaro 2005 through 2007, and possibly related products, allows remote attackers to have an unknown impact via unspecified vectors in a document distributed through e-mail or a web site, possibly due to a buffer overflow or cross-site scripting XSS...

4.3CVSS6.1AI score0.01451EPSS
Exploits0References1
0day.today
0day.today
added 2007/03/26 12:0 a.m.74 views

C-Arbre <= 0.6PR7 (root_path) Remote File Inclusion Vulnerability

Exploit for unknown platform in category web applications ================================================================= C-Arbre = 0.6PR7 rootpath Remote File Inclusion Vulnerability ================================================================= \ /\ \ / | \ \ | / \ // / | \ | \ \ Y / |...

7.1AI score
Exploits0
CERT
CERT
added 2007/03/22 12:0 a.m.33 views

McAfee ePolicy Orchestrator and ProtectionPilot ActiveX control buffer overflow vulnerability

Overview A vulnerability in an ActiveX control provided with the McAfee ePolicy Orchestrator and ProtectionPilot software could allow a remote attacker to execute arbitrary code on an affected system. Description The McAfee ePolicy Orchestrator and ProtectionPilot are applications that are design...

9.3CVSS7.3AI score0.07729EPSS
Exploits8References11
Fedora
Fedora
added 2007/03/19 10:59 p.m.25 views

[SECURITY] Fedora Core 6 Update: libwpd-0.8.9-1.fc6

Library that handles Word Perfect documents...

9.3CVSS1.2AI score0.06722EPSS
Exploits0
Fedora
Fedora
added 2007/03/19 10:59 p.m.23 views

[SECURITY] Fedora Core 5 Update: libwpd-0.8.9-1.fc5

Library that handles Word Perfect documents...

9.3CVSS1.2AI score0.06722EPSS
Exploits0
CERT
CERT
added 2007/03/07 12:0 a.m.16 views

Microsoft Windows fails to properly handle malformed OLE documents

Overview A vulnerability exists in a Microsoft Windows library that is used to handle OLE documents. The complete impact of this vulnerability is not clear, but may include the execution of arbitrary code as well as a denial of service. Description Microsoft OLE documents include summary...

8.1AI score
Exploits0References1
CVE
CVE
added 2007/02/23 1:0 a.m.61 views

CVE-2007-0320

CVE-2007-0320 involves Macrovision’s InstallFromTheWeb product (ActiveX control in iftw.dll and Netscape plug-in in npiftw32.dll). The connected sources document multiple buffer overflows in these components that could allow an attacker to execute arbitrary code via crafted HTML documents, potent...

9.3CVSS7.7AI score0.05361EPSS
Exploits0References8Affected Software1
CERT
CERT
added 2007/02/15 12:0 a.m.32 views

Microsoft Word fails to properly handle malformed strings

Overview A vulnerability in the way Microsoft Word handles malformed Word Document streams could allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system. Description Microsoft Word contains a memory corruption vulnerability that could be triggered when Word opens...

7.6CVSS6.9AI score0.2052EPSS
Exploits0References9
NVD
NVD
added 2007/02/07 11:28 a.m.13 views

CVE-2007-0806

Les News 2.2 allows remote attackers to bypass authentication and gain administrative access via a direct request for adminews/indexfr.php3, and possibly the adminews index documents for other localizations...

7.5CVSS7.2AI score0.02376EPSS
Exploits1References4
Cvelist
Cvelist
added 2007/02/07 11:0 a.m.23 views

CVE-2007-0806

Les News 2.2 allows remote attackers to bypass authentication and gain administrative access via a direct request for adminews/indexfr.php3, and possibly the adminews index documents for other localizations...

7.2AI score0.02376EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.19 views

CentOS 3 / 4 : libgsf (CESA-2007:0011)

Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and writing structured file formats. A heap based buff...

7.5CVSS6.1AI score0.04065EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2007/01/17 12:0 a.m.28 views

Fedora Core 5 : libgsf-1.13.3-3 (2006-1399)

Security errata for potential heap overflow in reading corrupt ole2 documents Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without...

5.5AI score
Exploits0References1
Cent OS
Cent OS
added 2007/01/11 4:20 p.m.54 views

libgsf security update

CentOS Errata and Security Advisory CESA-2007:0011 Updated libgsf packages that fix a buffer overflow flaw are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The GNOME Structured File Library is a utility library for reading and...

7.5CVSS6.1AI score0.04065EPSS
Exploits0References9
Rows per page
Query Builder