Lucene search

K
MicrosoftVisio2003

19 matches found

CVE
CVE
added 2013/05/15 3:36 a.m.132 views

CVE-2013-1301

Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability."

4.3CVSS6.6AI score0.26804EPSS
CVE
CVE
added 2004/09/28 4:0 a.m.112 views

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy oper...

9.3CVSS7.6AI score0.75514EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1089

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability."

9.3CVSS7.3AI score0.5085EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1090

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."

9.3CVSS7.3AI score0.59441EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.78 views

CVE-2009-0097

Microsoft Office Visio 2002 SP2 and 2003 SP3 does not properly validate memory allocation for Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.48662EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.75 views

CVE-2009-0096

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly perform memory copy operations for object data, which allows remote attackers to execute arbitrary code via a crafted Visio document, aka "Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.59773EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.72 views

CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-20...

9.3CVSS7.1AI score0.55161EPSS
CVE
CVE
added 2009/02/10 10:30 p.m.72 views

CVE-2009-0095

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 does not properly validate object data in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Memory Validation Vulnerability."

9.3CVSS7.5AI score0.48662EPSS
CVE
CVE
added 2005/08/19 4:0 a.m.64 views

CVE-2005-2127

Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demo...

7.5CVSS7.8AI score0.42713EPSS
CVE
CVE
added 2007/02/03 1:28 a.m.61 views

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

9.3CVSS7.5AI score0.62106EPSS
CVE
CVE
added 2011/08/10 9:55 p.m.60 views

CVE-2011-1972

Microsoft Visio 2003 SP3, 2007 SP2, and 2010 Gold and SP1 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "pStream Release RCE Vulnerability."

9.3CVSS7.5AI score0.61029EPSS
CVE
CVE
added 2011/08/10 9:55 p.m.59 views

CVE-2011-1979

Microsoft Visio 2003 SP3 and 2007 SP2 does not properly validate objects in memory during Visio file parsing, which allows remote attackers to execute arbitrary code via a crafted file, aka "Move Around the Block RCE Vulnerability."

9.3CVSS7.5AI score0.61029EPSS
CVE
CVE
added 2010/08/27 7:0 p.m.55 views

CVE-2010-3148

Untrusted search path vulnerability in Microsoft Visio 2003 SP3 allows local users to gain privileges via a Trojan horse mfc71enu.dll file in the current working directory, as demonstrated by a directory that contains a .vsd, .vdx, .vst, or .vtx file, aka "Microsoft Visio Insecure Library Loading V...

9.3CVSS6.3AI score0.26525EPSS
CVE
CVE
added 2010/05/06 12:47 p.m.50 views

CVE-2010-1681

Buffer overflow in VISIODWG.DLL before 10.0.6880.4 in Microsoft Office Visio allows user-assisted remote attackers to execute arbitrary code via a crafted DXF file, a different vulnerability than CVE-2010-0254 and CVE-2010-0256.

7.6CVSS7.5AI score0.79079EPSS
CVE
CVE
added 2011/02/10 4:0 p.m.49 views

CVE-2011-0093

ELEMENTS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 does not properly parse structures during the opening of a Visio file, which allows remote attackers to execute arbitrary code via a file containing a malformed structure, aka "Visio Data Type Memory Corruption Vulnerability."

9.3CVSS7.6AI score0.44027EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.46 views

CVE-2010-0256

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly calculate unspecified indexes associated with Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Index Calculation Memory Corruption Vulnerability."

7.6CVSS7.5AI score0.20483EPSS
CVE
CVE
added 2010/04/14 4:0 p.m.45 views

CVE-2010-0254

Microsoft Office Visio 2002 SP2, 2003 SP3, and 2007 SP1 and SP2 does not properly validate attributes in Visio files, which allows remote attackers to execute arbitrary code via a crafted file, aka "Visio Attribute Validation Memory Corruption Vulnerability."

7.6CVSS7.5AI score0.20483EPSS
CVE
CVE
added 2011/02/10 4:0 p.m.43 views

CVE-2011-0092

The LZW stream decompression functionality in ORMELEMS.DLL in Microsoft Visio 2002 SP2, 2003 SP3, and 2007 SP2 allows remote attackers to execute arbitrary code via a Visio file with a malformed VisioDocument stream that triggers an exception handler that accesses an object that has not been fully ...

9.3CVSS7.6AI score0.4459EPSS
CVE
CVE
added 2007/01/09 10:0 p.m.41 views

CVE-2006-5574

Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.

9.3CVSS7.6AI score0.39159EPSS