Microsoft Word 97/98/2002 Malformed Document Denial of Service Vulnerability

No description provided by source. source: http://www.securityfocus.com/bid/8761/info It has been reported that Microsoft Word is prone to a vulnerability that may allow an attacker to crash the software. The problem occurs when an attacker modifies the memory structure of a Word document. If a...

Security Update for Word 2002 (KB895589)

A security vulnerability exists in Microsoft Word 2002 that could allow arbitrary code to run when you open a maliciously modified document. The update resolves this vulnerability so that Word 2002 documents are handled appropriately...

Security Update for Word 2002 (KB887978)

A security vulnerability exists in Microsoft Word 2002 that could allow arbitrary code to run when opening a maliciously modified document. This update resolves this vulnerability so that Word documents are handled appropriately...

Microsoft Office RTF pFragments Property Stack Buffer Overflow

Added: 11/16/2010 CVE: CVE-2010-3333 BID: 44652 OSVDB: 69085 Background Microsoft Office is a package which provides word processing, spreadsheet, presentation, e-mail, and calendaring capabilities for Microsoft Windows workstations. Problem A stack buffer overflow vulnerability exists when...

CVE-2010-3217

Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override LFO records, aka "Word Pointer Vulnerability."...

CVE-2010-3216

Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."...

Memory corruption

Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."...

Heap overflow

Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."...

Double free

Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override LFO records, aka "Word Pointer Vulnerability."...

CVE-2010-3218

Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability."...

Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)

This host is missing a critical security update according to Microsoft Bulletin MS10-079. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Office Word Remote Code Execution Vulnerabilities (2293194)

This host is missing a critical security update according to Microsoft Bulletin MS10-079. OpenVAS Vulnerability Test $Id: secpodms10-079.nasl 6533 2017-07-05 08:41:34Z santu $ Microsoft Office Word Remote Code Execution Vulnerabilities 2293194 Authors: Antu Sanadi Copyright: Copyright c 2010...

Microsoft Word Malformed Record Value (CVE-2010-3218) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Word Index Value Parsing (CVE-2010-3219) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Word Return Value Handling (CVE-2010-3215) Remote Code Execution Vulnerability

Description Microsoft Word is prone to a remote code-execution vulnerability. Attackers can exploit this issue by enticing an unsuspecting user to open a specially crafted Word file. Successful exploits can allow attackers to execute arbitrary code with the privileges of the user running the...

Microsoft Word sprmCMajority记录解析栈溢出漏洞（MS10-056）

BUGTRAQ ID: 42136 CVE ID: CVE-2010-1900 Word是微软Office套件中的文字处理工具。 在解析Word文档中的sprmCMajority记录时，由于处理sprmCMajority sprm组没有对参数执行检查，攻击者可以控制写入到栈缓冲区中的数据数量，触发栈溢出。成功利用此漏洞的攻击者可完全控制受影响的系统。 Microsoft Office 2008 for Mac Microsoft Office 2004 for Mac Microsoft Word 2007 SP2 Microsoft Word 2003 SP3 Microsoft Wo...

CVE-2010-1900

Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Wo...

Microsoft Office Word Remote Code Execution Vulnerabilities (2269638)

This host is missing a critical security update according to Microsoft Bulletin MS10-056. SPDX-FileCopyrightText: 2010 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft Word HTML Linked Object Remote Memory Corruption Vulnerability

Description Microsoft Word is prone to a remote memory-corruption vulnerability because it fails to properly allocate heap-based memory. An attacker can exploit this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...

Integer overflow

Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names ...