Download
| Alert*
|
oval:org.mitre.oval:def:1369
Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability." oval:org.secpod.oval:def:1377 The host is missing a critical security update according to Microsoft security bulletin, MS10-087. The update is required to fix multiple remote code execution vulnerabilities. Flaws are in Microsoft Office, which fails to validate crafted RTF data, msofbtSp records and unspecified flags. Successful ... oval:org.secpod.oval:def:5104 The host is missing a critical security update according to Microsoft security bulletin, MS12-027. The update is required to fix a remote code execution vulnerability. A flaw is present in Windows common controls, which fails to handle a website containing specially crafted content. Successful explo ... oval:org.secpod.oval:def:3300 The host is missing a critical security update according to Microsoft security bulletin, MS11-023. The update is required to fix remote code execution vulnerability. A flaw is present in the application which does not properly handle loading of DLL files. Successful exploitation allows attackers to ... oval:org.secpod.oval:def:1522 The host is missing a critical security update according to Microsoft security bulletin, MS10-031. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Visual Basic for Applications, which fails to search for ActiveX Controls embedded in documents. Su ... oval:org.secpod.oval:def:1217 The host is missing an important security update according to Microsoft security bulletin, MS10-105. The update is required to fix denial of service vulnerability. Multiple flaws are caused due to errors in processing CGM, PICT, TIFF, FlashPix image files. Successful exploitation could allows an att ... oval:org.secpod.oval:def:6352 The host is missing an important security update according to Microsoft security bulletin, MS12-046. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle the loading of DLL files. Successful exploitation could allow ... oval:org.secpod.oval:def:6721 The host is missing a critical security update according to MS12-060. The update is required to fix remote code execution vulnerability. A flaw is present in the application, which is caused when an ActiveX control corrupts the system state. Successful exploitation allows attackers to execute arbitr ... oval:org.secpod.oval:def:3187 The host is missing a critical security update according to Microsoft security bulletin, MS10-036. The update is required to fix remote code execution vulnerability. A flaw is present in the Microsoft Office, which fails to validate COM objects to be instantiated. Successful exploitation allows an a ... oval:org.secpod.oval:def:3301 The host is missing a critical security update according to Microsoft security bulletin, MS08-055. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Office, which fails handle a specially crafted OneNote URL. Successful exploitation could allow an atta ... oval:org.secpod.oval:def:10985 The host is installed with Microsoft Word 2003 SP3 or Word Viewer and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle a crafted shape data in a Word document. Successful exploitation could allow attackers to execute remote code. oval:org.secpod.oval:def:10986 The host is missing an important security update according to Microsoft security bulletin MS13-043. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle a crafted shape data in a Word document. Successful exploitati ... oval:org.secpod.oval:def:2576 The host is missing a critical security update according to Microsoft security bulletin, MS08-013. The update is required to fix remote code execution vulnerability. A flaw is present in Microsoft Office, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:2579 The host is missing an important security update according to Microsoft security bulletin, MS08-011. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Works File Converter, which fails handle a specially crafted Works (.wps) file. Successful expl ... oval:org.secpod.oval:def:14136 The host is missing an important security update according to Microsoft bulletin, MS13-051. The update is required to fix buffer overflow vulnerability. A flaw is present in the application, which is caused when Microsoft Office components for processing PNG files do not properly handle memory alloc ... oval:org.secpod.oval:def:2249 The host is missing an important security update according to Microsoft security bulletin, MS11-073. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle different a specially crafted office file. Succe ... oval:org.secpod.oval:def:15991 The host is missing a critical security update according to Microsoft security bulletin, MS13-091. The update is required to fix multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation ... oval:org.secpod.oval:def:2638 The host is missing an important security update according to Microsoft security bulletin, MS09-073. The update is required to fix remote code execution vulnerability. A flaw is present in the text converters in Microsoft WordPad and Microsoft Office, which fails to handle a specially crafted Word 9 ... oval:org.secpod.oval:def:16201 The host is missing a critical security update according to Microsoft security bulletin, MS13-096. The update is required to fix a remote code execution vulnerability. The flaw is present in the graphics component in Microsoft Windows Vista, Windows Server 2008, Office 2003 SP3 /2007 SP3 /2010 SP1, ... oval:org.secpod.oval:def:14315 The host is missing an important security update according to Microsoft security bulletin, MS13-054. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or ... oval:org.secpod.oval:def:8352 The host is missing a critical security update according to MS13-002. The update is required to fix multiple MSXML vulnerabilities. The flaws are present in the applications, which fail to properly handle XML content. Successful exploitation allows attackers to execute arbitrary code. oval:org.secpod.oval:def:6199 The host is missing a critical security update according to Microsoft security bulletin, MS12-043. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted webpage. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:2663 The host is missing a critical security update according to Microsoft security bulletin, MS09-062. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows GDI+, which fails to validate data within GDI+ when rendering WMF images and improper ... oval:org.mitre.oval:def:233 The application Microsoft Office 2003 is installed. oval:org.mitre.oval:def:6491 GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Off ... oval:org.mitre.oval:def:6004 Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital I ... oval:org.mitre.oval:def:6122 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability." oval:org.mitre.oval:def:5309 wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." oval:org.mitre.oval:def:2706 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy opera ... oval:org.mitre.oval:def:279 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, "Microsoft Office Prop ... oval:org.mitre.oval:def:5898 Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Ex ... oval:org.mitre.oval:def:11739 Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, "Drawing Exception Ha ... oval:org.mitre.oval:def:301 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. oval:org.mitre.oval:def:389 Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption. oval:org.mitre.oval:def:5881 Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and 2 ... oval:org.mitre.oval:def:6055 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 200 ... oval:org.mitre.oval:def:5009 Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." oval:org.mitre.oval:def:5407 Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulner ... oval:org.mitre.oval:def:5800 Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3 ... oval:org.mitre.oval:def:11967 Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, "PICT Image Converter Integer Overflow Vulnerability." oval:org.mitre.oval:def:5879 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulnerability," a different vulnerability than CVE-2008 ... oval:org.mitre.oval:def:5997 Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a di ... oval:org.mitre.oval:def:11439 Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp ... oval:org.mitre.oval:def:6040 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQ ... oval:org.mitre.oval:def:6282 Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project ... oval:org.mitre.oval:def:5190 Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption from an "allocation error," aka "Microsoft Offi ... oval:org.mitre.oval:def:12249 Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, "CGM Image Converter Buffer Overrun Vulnerability." oval:org.mitre.oval:def:5986 gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQ ... oval:org.mitre.oval:def:632 Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "a ... oval:org.mitre.oval:def:5970 Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "Uniform Resource Locator Validation Error Vulnerab ... oval:org.mitre.oval:def:639 MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a c ... oval:org.mitre.oval:def:2069 Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. oval:org.mitre.oval:def:3311 Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. oval:org.mitre.oval:def:7074 VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a ... oval:org.mitre.oval:def:1090 The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF ... oval:org.mitre.oval:def:222 Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with value ... oval:org.mitre.oval:def:2051 Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. oval:org.mitre.oval:def:6134 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E ... oval:org.mitre.oval:def:5202 Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnera ... oval:org.mitre.oval:def:5846 Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in ... oval:org.mitre.oval:def:5967 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E ... oval:org.mitre.oval:def:11931 Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, "RTF Stack Buffer Overflow Vul ... oval:org.mitre.oval:def:6019 WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulnera ... oval:org.mitre.oval:def:7214 The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenTyp ... oval:org.secpod.oval:def:5625 Microsoft Office 2003 SP3 is installed. oval:org.secpod.oval:def:6713 The host is installed with Microsoft Office 2003, Office 2003 Web Components, Microsoft Office 2007, 2010, Microsoft Host Integration Server 2004 , Microsoft Visual FoxPro 8.0, 9.0 or Visual Basic 6.0 Runtime, Microsoft SQL Server 2000, 2005, 2008, 2008 R2 and is prone to remote code execution vulne ... oval:org.mitre.oval:def:7286 Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiat ... oval:org.secpod.oval:def:793 The host is installed with Microsoft Windows Vista or Server 2008/R2 or Windows 7 and is prone to file validation vulnerability. A flaw is present in the applications which does not validate the office file. Successful exploitation, exploit the integrity of a file and allows attacker to read sensit ... oval:org.secpod.oval:def:2725 The host is missing a critical security update according to Microsoft security bulletin, MS08-016. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office, which fails to handle a malformed Office file. Successful exploitation could allow an att ... oval:org.secpod.oval:def:2040 The host is missing a critical security update according to Microsoft security bulletin, MS10-063. The update is required to fix code execution vulnerability. A flaw is present in the Unicode Script Processor implementation in USP10.DLL in Microsoft Windows, which is due to two array-indexing errors ... oval:org.secpod.oval:def:2660 The host is missing a critical security update according to Microsoft security bulletin, MS09-044. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office Filters, which fails to handle a specially crafted image file. Successful exploitation cou ... oval:org.secpod.oval:def:662 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Office XP is prone to remote code execution vulnerability. A flaw is present in graphic objects which does not properly handle parse specially crafted Office file. Successful exploitation allows attack ... oval:org.secpod.oval:def:661 The host is installed with Windows XP, Windows Vista, Windows Server 2008, Windows Server 2003 and Office XP is prone to remote code execution vulnerability. A flaw is present in the application which does not properly handle loading of DLL files. Successful exploitation allows attackers to run remo ... oval:org.secpod.oval:def:6351 The host is installed with Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA) and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle the loading of DLL files. Successfu ... oval:org.secpod.oval:def:5113 The host is installed with Microsoft BizTalk Server 2002 or Microsoft Commerce Server 2002 or 2007 or 2009 or 2009 R2 or Microsoft Office 2003 or 2007 or 2010 or Microsoft Visual FoxPro or Visual Basic 6.0 Runtime and is prone remote code execution vulnerability. A flaw is present in the application ... oval:org.secpod.oval:def:8348 The host is installed with Microsoft XML Core Services 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, or Mic ... oval:org.secpod.oval:def:14135 The host is installed with Microsoft Office 2003 and is prone to buffer overflow vulnerability. A flaw is present in the application, which is caused when Microsoft Office components for processing PNG files do not properly handle memory allocation. Successful exploitation allows attackers to execut ... oval:org.secpod.oval:def:6200 The host is installed with Microsoft XML Core Services 3.0, 4.0, 5.0 or 6.0 and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted web site. Successful exploitation allows remote attackers to execute arbitrary code or cause a denial o ... oval:org.secpod.oval:def:5632 The host is installed with Microsoft Office and is prone GDI+ heap overflow vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF image file. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or create ... oval:org.secpod.oval:def:5631 The host is installed with Microsoft Office, Windows and is prone GDI+ record type vulnerability. A flaw is present in the applications, which fail to handle a specially crafted EMF images. Successful exploitation could allow remote attackers to install programs, view, change, or delete data or crea ... oval:org.secpod.oval:def:2247 The host is installed with Microsoft Office 2003 or 2007 and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to enforce proper access rights. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:3339 The host is missing a critical security update according to Microsoft security bulletin, MS08-052. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Windows GDI+, which fails handle a specially crafted image file or browsed a Web site that contai ... oval:org.mitre.oval:def:918 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, "Microsoft Office Parsing ... oval:org.secpod.oval:def:15993 The host is installed with Microsoft Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1/SP2 or 2013 and is prone to a stack-based buffer overflow vulnerability. The flaw is present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation could allow atta ... oval:org.secpod.oval:def:15994 The host is installed with Microsoft Microsoft Office 2003 SP3 or 2007 SP3 and is prone to a heap-based buffer overflow vulnerability. The flaw is present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation could allow attackers to execute arbi ... oval:org.secpod.oval:def:2374 The host is missing a critical security update according to Microsoft security bulletin, MS09-043. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Office Web Components, which fails to handle a specially crafted Web page. Successful exploit ... oval:org.secpod.oval:def:15992 The host is installed with Microsoft Microsoft Office 2003 SP3 or 2007 SP3 and is prone to a stack-based buffer overflow vulnerability. The flaw is present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation could allow attackers to execute arb ... oval:org.secpod.oval:def:16204 The host is installed with Microsoft Windows Vista, Windows Server 2008, Microsoft Office 2003 SP3, Office 2007 SP3, Office 2010 SP1/SP2, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to a remote code execution vulnerability. The flaw is present in the graphics component, which fail ... oval:org.mitre.oval:def:740 Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag. oval:org.secpod.oval:def:8351 The host is installed with Microsoft XML Core Services 4.0, 5.0, 6.0 on Microsoft Windows or with Microsoft Groove Server 2007, Microsoft SharePoint Server 2007, Microsoft Expression Web 2, Microsoft Expression Web, Microsoft Office Compatibility Pack, Microsoft Word Viewer, Microsoft Office 2007, M ... oval:org.secpod.oval:def:5624 The host is missing an important security update according to Microsoft security bulletin, MS12-034. The update is required to fix multiple vulnerabilities. The flaws are present in the Microsoft Office, Windows, .NET Framework, and Silverlight, which fail to handle a specially crafted document or a ... oval:org.secpod.oval:def:14317 The host is installed with Microsoft Office 2003 SP3 /2007 SP3 /2010 SP1, Windows, Visual Studio .NET 2003 SP1, Lync 2010, Lync Basic 2013 or Lync 2010 Attendee, and is prone to remote code execution vulnerability. A flaw is present in the application, which fails to properly process crafted TrueTyp ... oval:org.secpod.oval:def:5627 The host is installed with Microsoft Office, Windows, .NET Framework, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fail to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install ... oval:org.secpod.oval:def:5628 The host is installed with Microsoft Office, Windows, and Silverlight and is prone TrueType Font parsing vulnerability. A flaw is present in the applications, which fails to handle a specially crafted TrueType font file. Successful exploitation could allow remote attackers to install programs, view, ... |
