Lucene search

K

118 matches found

CVE
CVE
added 2004/09/01 4:0 a.m.45 views

CVE-2002-0615

The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".

7.5CVSS6.2AI score0.11402EPSS
CVE
CVE
added 2004/09/28 4:0 a.m.45 views

CVE-2004-0573

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.

7.5CVSS7.8AI score0.47093EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.45 views

CVE-2006-0009

Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in a...

5.1CVSS7.4AI score0.62227EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.45 views

CVE-2006-0028

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid...

5.1CVSS7.1AI score0.51677EPSS
CVE
CVE
added 2008/08/12 11:41 p.m.45 views

CVE-2008-3019

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability."

9.3CVSS7.3AI score0.54114EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.44 views

CVE-2002-0618

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".

7.5CVSS7AI score0.16885EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.44 views

CVE-2006-0029

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.

5.1CVSS7.2AI score0.40426EPSS
CVE
CVE
added 2006/07/10 10:5 p.m.44 views

CVE-2006-3493

Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NO...

5.1CVSS7.5AI score0.57694EPSS
CVE
CVE
added 2006/07/11 9:5 p.m.43 views

CVE-2006-0033

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.

9.3CVSS7.4AI score0.45773EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.42 views

CVE-2008-3007

Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator Validation Error Vulnera...

9.3CVSS7.5AI score0.61776EPSS
CVE
CVE
added 2008/02/12 11:0 p.m.41 views

CVE-2008-0104

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.4845EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.41 views

CVE-2008-0119

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vul...

9.3CVSS7.3AI score0.5673EPSS
CVE
CVE
added 2014/09/19 10:55 a.m.40 views

CVE-2006-1318

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

9.3CVSS7.8AI score0.1806EPSS
CVE
CVE
added 2007/02/13 9:28 p.m.40 views

CVE-2007-0208

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.

9.3CVSS7.2AI score0.57631EPSS
CVE
CVE
added 2008/03/11 11:44 p.m.40 views

CVE-2008-0110

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI.

9.3CVSS7.2AI score0.54784EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.40 views

CVE-2008-1091

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based bu...

9.3CVSS7.4AI score0.62379EPSS
CVE
CVE
added 2007/01/09 11:28 p.m.39 views

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."

9.3CVSS7.5AI score0.62591EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.38 views

CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51546EPSS
Total number of security vulnerabilities118