Lucene search
K

23 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2008-3444

Malware in sbrugna...

5CVSS6.4AI score0.02799EPSS
Exploits1References8
RedhatCVE
RedhatCVE
added 2025/05/21 11:5 p.m.9 views

CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

5CVSS6.6AI score0.02799EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2020/02/13 4:15 p.m.3 views

CVE-2020-8804

SuiteCRM through 7.11.10 allows SQL Injection via the SOAP API, the EmailUIAjax interface, or the MailMerge module...

6.5CVSS5.8AI score0.01385EPSS
Exploits2References4
Tenable Nessus
Tenable Nessus
added 2018/04/26 12:0 a.m.49 views

SUSE SLED12 / SLES12 Security Update : Recommended update for LibreOffice (SUSE-SU-2018:1076-1)

LibreOffice was updated to version 6.0.3. Following new features were added : - The Notebookbar, although still an experimental feature, has been enriched with two new variants: Grouped Bar Full for Writer, Calc and Impress, and Tabbed Compact for Writer. The Special Characters dialog has been...

9.8CVSS6.9AI score0.23204EPSS
Exploits5References18
OSV
OSV
added 2018/04/25 12:16 p.m.6 views

SUSE-SU-2018:1076-1 Recommended update for LibreOffice

LibreOffice was updated to version 6.0.3. Following new features were added: - The Notebookbar, although still an experimental feature, has been enriched with two new variants: Grouped Bar Full for Writer, Calc and Impress, and Tabbed Compact for Writer. The Special Characters dialog has been...

9.8CVSS9.4AI score0.23204EPSS
Exploits5References12
Microsoft KB
Microsoft KB
added 2017/03/14 7:0 a.m.68 views

MS17-014: Description of the security update for Word 2016: March 14, 2017

MS17-014: Description of the security update for Word 2016: March 14, 2017 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...

9.3CVSS7.2AI score0.16744EPSS
Exploits0
Openbugbounty
Openbugbounty
added 2016/05/09 1:13 a.m.12 views

hp.com XSS vulnerability

Vulnerable URL: http://www.hp.com/sbso/solutions/real/assets/mayfieldmailmergecontroller.swf?csConfigFile=http://irc.0x539.xyz/hp.xml Details: Description| Value ---|--- Patched:| Yes, at Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 320 VIP website status:| Yes...

6.2AI score
Exploits0
Prion
Prion
added 2008/08/04 7:41 p.m.12 views

Improper access control

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

5CVSS6.5AI score0.02799EPSS
Exploits1References7Affected Software1
NVD
NVD
added 2008/08/04 7:41 p.m.16 views

CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

5CVSS6.2AI score0.02799EPSS
Exploits1References7
Cvelist
Cvelist
added 2008/08/04 7:0 p.m.17 views

CVE-2008-3458

Vtiger CRM before 5.0.4 stores sensitive information under the web root with insufficient access control, which allows remote attackers to read mail merge templates via a direct request to the wordtemplatedownload directory...

6.2AI score0.02799EPSS
Exploits1References7
CERT
CERT
added 2006/10/12 12:0 a.m.33 views

Microsoft Word vulnerable to remote code execution

Overview A remote code execution vulnerability in Microsoft Word can allow a remote attacker to execute arbitrary code via a specially crafted mail merge file. Description Microsoft Word contains a remote code execution vulnerability that can be exploited when a specially crafted mail merge file ...

9.3CVSS7.2AI score0.30725EPSS
Exploits0References1
NVD
NVD
added 2006/10/10 10:7 p.m.24 views

CVE-2006-3651

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693...

9.3CVSS7.2AI score0.30725EPSS
Exploits0References7
Cvelist
Cvelist
added 2003/04/02 5:0 a.m.25 views

CVE-2002-0619

The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...

6.6AI score0.16075EPSS
Exploits0References4
CVE
CVE
added 2003/04/02 5:0 a.m.65 views

CVE-2002-0619

The CVE-2002-0619 entry concerns Microsoft Word 2002 for Windows, where the Mail Merge Tool—when Microsoft Access is installed—allows remote attackers to run VBA scripts embedded in an HTML mail-merge document. This is identified as a variant of MS00-071 (CVE-2000-0788). Affected component: Word’...

7.5CVSS6.8AI score0.16075EPSS
Exploits0References4Affected Software1
Tenable Nessus
Tenable Nessus
added 2003/03/10 12:0 a.m.53 views

MS02-031: Cumulative patches for Excel and Word for Windows (324458)

The versions of Microsoft Word and Excel installed on the remote host are missing a security update. They are, therefore, affected by multiple vulnerabilities : - A security bypass vulnerability exists in Excel due to improper handling of formatted inline macros that are attached to objects withi...

7.5CVSS6.1AI score0.16075EPSS
Exploits0References5
NVD
NVD
added 2002/08/12 4:0 a.m.26 views

CVE-2002-0619

The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic VBA scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" CVE-2000-0788...

7.5CVSS6.6AI score0.16075EPSS
Exploits0References4
securityvulns
securityvulns
added 2002/06/20 12:0 a.m.32 views

Microsoft Word Mail Merge vulnerability

Microsoft Word document merged with Access database allows to execute VBA procedures without warning...

3.3AI score
Exploits0References4Affected Software2
securityvulns
securityvulns
added 2002/05/06 12:0 a.m.33 views

dH team & SECURITY.NNOV: A variant of "Word Mail Merge" vulnerability

Русская версия этой advisory приведена ниже. Original version of this advisory: http://www.security.nnov.ru/advisories/mailmerge.asp Title: A variant of "Word Mail Merge" vulnerability Authors: ERRor, 3APA3A Date: May, 03 2002 Affected: Office 97, 2000, XP Vendor: Microsoft Risk: Average to high...

7AI score
Exploits0
CVE
CVE
added 2002/03/09 5:0 a.m.53 views

CVE-2000-0788

The CVE-2000-0788 family concerns the Mail Merge Tool in Microsoft Word. Connected records describe Word 2000/Word 2002 behavior: when Access is present, the Mail Merge tool can execute Visual Basic (VBA) scripts embedded in a mail-merge document saved as HTML, enabling remote command execution. ...

10CVSS7.4AI score0.08417EPSS
Exploits1References4Affected Software2
Cvelist
Cvelist
added 2002/03/09 5:0 a.m.29 views

CVE-2000-0788

The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic VBA scripts in an Access database, which could allow an attacker to execute arbitrary commands...

7AI score0.08417EPSS
Exploits1References4
Rows per page
Query Builder