372 matches found
Microsoft Office Drawing Record msofbtOPT Code Execution (MS07-015; CVE-2007-0671)
Microsoft Office is a popular productivity application suite released by Microsoft Corporation. It includes a word processor, a spreadsheet application, a presentation editor, and a number of other applications and components. There exists a vulnerability in Microsoft Office products. The flaw is...
CVE-2009-2838
Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Office document that triggers a buffer overflow...
Integer overflow
Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Office document that triggers a buffer overflow...
CVE-2009-2838
Integer overflow in QuickLook in Apple Mac OS X 10.5.8 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Office document that triggers a buffer overflow...
ClamAV < 0.94.1 get_unicode_name() Function Off-by-One Buffer Overflow (deprecated)
Binary data 4744.prm...
clamav -- off-by-one heap overflow in VBA project parser
Advisory from Moritz Jodeit, November 8th, 2008: ClamAV contains an off-by-one heap overflow vulnerability in the code responsible for parsing VBA project files. Successful exploitation could allow an attacker to execute arbitrary code with the privileges of the clamd' process by sending an email...
Integer overflow
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to...
[Full-disclosure] iDefense Security Advisory 10.14.08: Microsoft Visual Basic for Applications - Multiple Vulnerabilities
iDefense Security Advisory 10.14.08 http://labs.idefense.com/intelligence/vulnerabilities/ Oct 14, 2008 I. BACKGROUND Microsoft VBA is an implementation of Microsoft Visual Basic programming language for developing client desktop packaged applications and integrating them with existing data and...
CVE-2008-3477
CVE-2008-3477 affects Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2/SP3, in which the VBA Performance Cache handling of embedded objects can be abused to execute arbitrary code. The root cause is from heap-based and other memory corruptions (overflow/invalid indexing) when processing an object...
CVE-2008-3477
Microsoft Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3 does not properly validate data in the VBA Performance Cache when processing an Office document with an embedded object, which allows remote attackers to execute arbitrary code via an Excel file containing a crafted value, leading to...
CVE-2008-0118
Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft...
CVE-2002-1776
Symantec Norton AntiVirus 2002 is affected by CVE-2002-1776. The issue allows remote attackers to bypass virus protection via a Word Macro virus with a .nch or .dbx extension, which is automatically recognized and executed as a Microsoft Office document. The vendor disputes the claim, noting that...