Search and browse vulnerability records from NVD
Showing 5 of 8455 CVEs
| CVE ID | Severity | Description | EPSS | Published | |
|---|---|---|---|---|---|
|
CVE-2007-0671
KEV
|
8.8 HIGH |
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. |
68.4% | 2007-02-03 | |
|
CVE-2006-2492
KEV
|
8.8 HIGH |
Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack. |
77.2% | 2006-05-20 | |
|
CVE-2006-1547
KEV
|
7.5 HIGH |
ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils. |
17.3% | 2006-03-30 | |
|
CVE-2004-0210
KEV
|
7.8 HIGH |
The POSIX component of Microsoft Windows NT and Windows 2000 allows local users to execute arbitrary code via certain parameters, possibly by modifying message length values and causing a buffer overflow. |
2.5% | 2004-08-06 | |
|
CVE-2002-0367
KEV
|
7.8 HIGH |
smss.exe debugging subsystem in Windows NT and Windows 2000 does not properly authenticate programs that connect to other programs, which allows local users to gain administrator or SYSTEM privileges by duplicating a handle to a privileged process, as demonstrated by DebPloit. |
0.7% | 2002-06-25 |