6 matches found
CVE-2013-3155
CVE-2013-3155 concerns a memory corruption/remote code execution vulnerability in Microsoft Access. The connected advisories describe a vulnerability in how Access parses ACCDB files, enabling a remote attacker to execute arbitrary code on vulnerable systems when processing a crafted ACCDB. The i...
CVE-2013-3157
CVE-2013-3157 is tied to a Microsoft Access memory-corruption vulnerability affecting ACCDB parsing in Access 2007 SP3, 2010 SP1/SP2, and 2013. Connected advisories CPAI-2013-3692 and CPAI-2013-3688 describe a remote code execution/vector via crafted ACCDB files, caused by memory-corruption in Ac...
CVE-2015-2503
CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...
CVE-2010-0814
CVE-2010-0814 involves remote code execution in Microsoft Office Access ActiveX controls. The vulnerability arises in the ACCWIZ.dll-based Access Wizard Controls (including ImexGrid and FieldList) when Internet Explorer instantiates multiple Access ActiveX controls, interacting with memory alloca...
CVE-2008-3068
Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...
CVE-2013-3156
The CVE-2013-3156 issue is a memory-corruption vulnerability in Microsoft Access when parsing ACCDB files, affecting Access 2007 SP3, 2010 SP1/SP2, and 2013. A remote attacker could trigger arbitrary code execution or memory corruption by enticing a user to open a crafted ACCDB file. Evidence fro...