Lucene search
K

269 matches found

securityvulns
securityvulns
added 2007/07/11 12:0 a.m.45 views

Microsoft Publisher memory corruption

Memory corruption on .PUB files parsing...

9.3CVSS3.2AI score0.32782EPSS
Exploits1References2Affected Software1
Prion
Prion
added 2007/07/10 10:30 p.m.21 views

Memory corruption

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...

9.3CVSS7.7AI score0.32782EPSS
Exploits1References10Affected Software1
Cvelist
Cvelist
added 2007/07/10 10:0 p.m.30 views

CVE-2007-1754

PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that...

7.4AI score0.32782EPSS
Exploits1References10
Prion
Prion
added 2007/04/18 3:19 a.m.17 views

Cross site scripting

Multiple cross-site scripting XSS vulnerabilities in Open-gorotto 2.0a 2006/02/08 edition, 2006/03/19 edition, and 2006/04/07 edition before 20070416 allow remote attackers to inject arbitrary web script or HTML via unspecified parameters to 1 pub/modules/d/top.html; 2 /pub/modules/a/access.html;...

4.3CVSS6.1AI score0.01707EPSS
Exploits0References14Affected Software1
securityvulns
securityvulns
added 2006/09/13 12:0 a.m.31 views

Microsoft Publisher memory corruption

Memory corruption on .pub files parsing...

3.2AI score
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2006/09/12 11:0 p.m.23 views

CVE-2006-0001

Stack-based buffer overflow in Microsoft Publisher 2000 through 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted PUB file, which causes an overflow when parsing fonts...

7.8AI score0.40018EPSS
Exploits1References13
Symantec
Symantec
added 2006/09/12 12:0 a.m.13 views

Microsoft Publisher Font Parsing Remote Code Execution Vulnerability

Description Microsoft Publisher is prone to a code-execution vulnerability. This is due to a flaw when handling malformed PUB files. Successfully exploiting this issue allows attackers to corrupt process memory and to execute arbitrary code in the context of targeted users. Technologies Affected ...

0.7AI score
Exploits0References1Affected Software3
UbuntuCve
UbuntuCve
added 2006/07/05 8:5 p.m.27 views

CVE-2006-3336

TWiki 01-Dec-2000 up to 4.0.3 allows remote attackers to bypass the upload filter and execute arbitrary code via filenames with double extensions such as ".php.en", ".php.1", and other allowed extensions that are not .txt. NOTE: this is only a vulnerability when the server allows script execution...

4CVSS6.3AI score0.0283EPSS
Exploits2References1
CVE
CVE
added 2006/07/05 8:0 p.m.50 views

CVE-2006-3336

CVE-2006-3336 affects TWiki up to version 4.0.3 where the upload filter fails to block certain double extensions (e.g., .php.en, .php.1) unless the server disallows script execution in the pub directory. This allows remote attackers to upload and potentially execute scripts, yielding arbitrary co...

4CVSS7.5AI score0.0283EPSS
Exploits2References5Affected Software1
Rows per page
Query Builder