9 matches found
Memory corruption
The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted TIFF image in an Office document, ak...
CVE-2010-3951
The CVE-2010-3951 entry corresponds to a buffer/stack overflow in the Microsoft Office FlashPix Image Converter (graphics filters) when parsing certain property sets. Affected products are Microsoft Office XP SP3 and the Office Converter Pack. The vulnerability arises from a parsing boundary erro...
MS10-105: Vulnerabilities in Microsoft Office Graphics Filters Could Allow for Remote Code Execution (968095)
The remote host is running a version of Microsoft Office with multiple memory corruption vulnerabilities. A remote attacker could exploit this by tricking a user into viewing a specially crafted image file with Office, resulting in arbitrary code execution. C Tenable Network Security, Inc...
Microsoft Office Graphics Filters Remote Code Execution Vulnerabilities (968095)
This host is missing a critical security update according to Microsoft Bulletin MS10-105. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
Integer overflow
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names ...
CVE-2009-2506
The CVE-2009-2506 issue is a memory corruption/heap overflow vulnerability in WordPad and Office text converters when parsing the DocumentSummaryInformation stream of a specially crafted Word 97 DOC file. A remote attacker could execute arbitrary code with the privileges of the logged-on user by ...
Microsoft Word 2000 WordPerfect Converter Remote Code Execution Vulnerability
Description Microsoft Word 2000 is prone to a remote code-execution vulnerability because it fails to properly validate an unspecified string when parsing a WordPerfect document. An attacker could exploit this issue to execute arbitrary code with the privileges of the currently logged-in user...
CVE-2008-3019
CVE-2008-3019 describes a remote code execution vulnerability in Microsoft Office filters related to malformed Encapsulated PostScript (EPS) handling. A crafted EPS file could allow code execution when opened with affected Office products: Office 2000 SP3, XP SP3, and 2003 SP2, plus the Office Co...
CVE-2008-3020
CVE-2008-3020 is a remote code execution vulnerability in Microsoft Office filters, specifically in the BMPIMP32.FLT module used by Office BMP import handling. A crafted BMP image with a malformed header (e.g., an excessive number of colors) causes a heap buffer overflow/memory corruption in BMP ...