4 matches found
CVE-2009-0077
CVE-2009-0077 affects Microsoft ISA Server and Forefront TMG MBE where the firewall engine mishandles TCP state for Web proxy/listeners, enabling a remote attacker to cause a denial of service by creating orphaned/open sessions. Affected products/versions include ISA Server 2004 SP3, ISA Server 2...
CVE-2009-2496
CVE-2009-2496 : Heap-based/heap corruption vulnerability in the OWC10.Spreadsheet ActiveX control of Microsoft Office Web Components. Exploitation requires a user to load a malicious web page and trigger a specific sequence of method calls, leading to remote code execution. Affected products incl...
CVE-2009-0237
CVE-2009-0237 is a non-persistent cross-site scripting (XSS) vulnerability in the HTML forms authentication component cookieauth.dll used by ISA Server and Forefront TMG MBE and affected 2006/2006 SP1, as described in the MS09-016 bulletin. The root cause is improper input validation of HTTP form...
CVE-2007-1201
CVE-2007-1201 is a remote code execution vulnerability in Microsoft Office Web Components 2000 related to the DataSource handling that can trigger memory corruption. Multiple sources describe the DataSource Vulnerability as allowing an attacker to execute arbitrary code in the user’s context by v...