Vulnerabilities > Microsoft > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2007-07-10 | CVE-2007-3029 | Remote Code Execution vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption. | 9.3 |
2007-07-10 | CVE-2007-1756 | Remote Code Execution vulnerability in Microsoft Excel, Excel Viewer and Office Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability". | 9.3 |
2007-07-10 | CVE-2007-1754 | Resource Management Errors vulnerability in Microsoft Publisher 2007 PUBCONV.DLL in Microsoft Office Publisher 2007 does not properly clear memory when transferring data from disk to memory, which allows user-assisted remote attackers to execute arbitrary code via a malformed .pub page via a certain negative value, which bypasses a sanitization procedure that initializes critical pointers to NULL, aka the "Publisher Invalid Memory Reference Vulnerability". | 9.3 |
2007-07-10 | CVE-2007-0043 | Buffer Errors vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 The Just In Time (JIT) Compiler service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer," probably a buffer overflow, aka ".NET JIT Compiler Vulnerability". | 9.3 |
2007-07-10 | CVE-2007-0041 | Buffer Errors vulnerability in Microsoft .Net Framework 1.0/1.1/2.0 The PE Loader service in Microsoft .NET Framework 1.0, 1.1, and 2.0 for Windows 2000, XP, Server 2003, and Vista allows remote attackers to execute arbitrary code via unspecified vectors involving an "unchecked buffer" and unvalidated message lengths, probably a buffer overflow. | 9.3 |
2007-07-10 | CVE-2007-0040 | Remote Code Execution vulnerability in Microsoft Windows 2000 and Windows 2003 Server The LDAP service in Windows Active Directory in Microsoft Windows 2000 Server SP4, Server 2003 SP1 and SP2, Server 2003 x64 Edition and SP2, and Server 2003 for Itanium-based Systems SP1 and SP2 allows remote attackers to execute arbitrary code via a crafted LDAP request with an unspecified number of "convertible attributes." | 10.0 |
2007-06-30 | CVE-2007-3504 | Path Traversal vulnerability in SUN Jdk, JRE and SDK Directory traversal vulnerability in the PersistenceService in Sun Java Web Start in JDK and JRE 5.0 Update 11 and earlier, and Java Web Start in SDK and JRE 1.4.2_13 and earlier, for Windows allows remote attackers to perform unauthorized actions via an application that grants file overwrite privileges to itself. | 9.3 |
2007-06-25 | CVE-2007-3376 | Buffer Overflow vulnerability in Apple Safari 3.0.2 Buffer overflow in Apple Safari 3.0.2 on Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (crash) and possibly execute arbitrary code via a long value in the title HTML tag, which triggers the overflow when the user adds the page as a bookmark. | 9.3 |
2007-06-21 | CVE-2007-3341 | Unspecified vulnerability in Microsoft Internet Explorer 5/6.0/7.0 Unspecified vulnerability in the FTP implementation in Microsoft Internet Explorer allows remote attackers to "see a valid memory address" via unspecified vectors, a different issue than CVE-2007-0217. | 10.0 |
2007-06-21 | CVE-2007-3334 | Remote vulnerability in Ingress Database Server Multiple heap-based buffer overflows in the (1) Communications Server (iigcc.exe) and (2) Data Access Server (iigcd.exe) components for Ingres Database Server 3.0.3, as used in CA (Computer Associates) products including eTrust Secure Content Manager r8 on Windows, allow remote attackers to execute arbitrary code via unknown vectors. | 10.0 |