This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:office:2007:sp1
Detail
VendorMicrosoftFirst view 2008-07-07
ProductOfficeLast view2010-07-15
Version2007TypeApplication
Edition 
Language 
Updatesp1 
 
CPE Productcpe:/a:microsoft:office

Activity : Overall

Related : CVE

 DateAlertAccess VectorAccess ComplexityAuthentication
9.32010-07-15CVE-2010-0814NetworkMediumNone Requ...
9.32010-07-15CVE-2010-0266NetworkMediumNone Requ...
9.32010-06-08CVE-2010-1263NetworkMediumNone Requ...
9.32010-05-12CVE-2010-0815NetworkMediumNone Requ...
9.32009-10-14CVE-2009-3126NetworkMediumNone Requ...
Hide | Show 17 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.32009-10-14CVE-2009-2528NetworkMediumNone Requ...
9.32009-10-14CVE-2009-2504NetworkMediumNone Requ...
9.32009-10-14CVE-2009-2503NetworkMediumNone Requ...
9.32009-10-14CVE-2009-2502NetworkMediumNone Requ...
9.32009-10-14CVE-2009-2501NetworkMediumNone Requ...
9.32009-10-14CVE-2009-2500NetworkMediumNone Requ...
4.32008-11-12CVE-2008-4033NetworkMediumNone Requ...
9.32008-10-14CVE-2008-4019NetworkMediumNone Requ...
9.32008-10-14CVE-2008-3471NetworkMediumNone Requ...
9.32008-09-10CVE-2008-3015NetworkMediumNone Requ...
9.32008-09-10CVE-2008-3014NetworkMediumNone Requ...
9.32008-09-10CVE-2008-3013NetworkMediumNone Requ...
9.32008-09-10CVE-2008-3007NetworkMediumNone Requ...
9.32008-08-12CVE-2008-3006NetworkMediumNone Requ...
6.62008-08-12CVE-2008-3003LocalLowNone Requ...
6.82008-08-12CVE-2008-1455NetworkMediumNone Requ...
7.52008-07-07CVE-2008-3068NetworkLowNone Requ...

CWE : Common Weakness Enumeration

%idName
28% (6)CWE-94Failure to Control Generation of Code ('Code Injection')
23% (5)CWE-189Numeric Errors
19% (4)CWE-399Resource Management Errors
14% (3)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
9% (2)CWE-20Improper Input Validation
Hide | Show 1 More...
%idName
4% (1)CWE-200Information Exposure

Oval Markup Language : Definitions

OvalIDName
oval:org.mitre.oval:def:5986GDI+ GIF Parsing Vulnerability
oval:org.mitre.oval:def:7286COM Validation Vulnerability
oval:org.mitre.oval:def:5970Uniform Resource Locator Validation Error Vulnerability
oval:org.mitre.oval:def:6491GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:6134GDI+ PNG Integer Overflow Vulnerability
Hide | Show 16 More...
idName
oval:org.mitre.oval:def:6102Formula Parsing Vulnerability
oval:org.mitre.oval:def:5800GDI+ PNG Heap Overflow Vulnerability
oval:org.mitre.oval:def:5881GDI+ BMP Integer Overflow Vulnerability
oval:org.mitre.oval:def:6004GDI+ WMF Buffer Overrun Vulnerability
oval:org.mitre.oval:def:5561Excel Record Parsing Vulnerability
oval:org.mitre.oval:def:11623Microsoft Outlook SMB Attachment Vulnerability
oval:org.mitre.oval:def:7074VBE6.DLL Stack Memory Corruption Vulnerability
oval:org.mitre.oval:def:5967GDI+ WMF Integer Overflow Vulnerability
oval:org.mitre.oval:def:5951Excel Credential Caching Vulnerability
oval:org.mitre.oval:def:5750File Format Parsing Vulnerability
oval:org.mitre.oval:def:5898GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:11907Access ActiveX Control Vulnerability
oval:org.mitre.oval:def:5555Parsing Overflow Vulnerability
oval:org.mitre.oval:def:6282GDI+ .NET API Vulnerability
oval:org.mitre.oval:def:6426Memory Corruption Vulnerability
oval:org.mitre.oval:def:5847MSXML Header Request Vulnerability

SAINT Exploits

DescriptionLink
Microsoft Excel formula parsing integer overflowMore info here
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerabilityMore info here
Microsoft Office Art Property Table Memory CorruptionMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
66296Microsoft Outlook SMB Attachment Handling Arbitrary Program Execution
66294Microsoft Office Access AccWizObjects ActiveX Remote Code Execution
65219Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex...
64529Microsoft Visual Basic for Applications VBE6.dll Single-Byte Stack Overwrite
58869Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...
Hide | Show 17 More...
idDescription
58868Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow
58867Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation
58866Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr...
58865Microsoft Multiple Products GDI+ TIFF Image Handling Overflow
58864Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow
58863Microsoft Multiple Products GDI+ WMF Image Handling Overflow
50279Microsoft XML Core Services HTTP Request Header Field Cross-domain Session St...
49078Microsoft Excel Embedded Formula Parsing Arbitrary Code Execution
49076Microsoft Excel BIFF File Malformed Object Handling Arbitrary Code Execution
47969Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow
47968Microsoft Multiple Products GDI+ WMF Image Handling Overflow
47967Microsoft Multiple Products GDI+ GIF Image Handling Arbitrary Code Execution
47964Microsoft Office OneNote Protocol Handler (onenote://) URI Handling Arbitrary...
47410Microsoft Office Excel connections.xml Password String Persistence
47407Microsoft Office Excel File COUNTRY Record Value Parsing Arbitrary Code Execu...
47404Microsoft PowerPoint File List Value Handling Memory Corruption
47004Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di...

OpenVAS Exploits

idDescription
2011-01-18Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2010-10-13Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
File : nvt/secpod_ms10-083.nasl
2010-07-14Name : MS Office Access ActiveX Controls Remote Code Execution Vulnerabilities(982335)
File : nvt/secpod_ms10-044.nasl
2010-07-14Name : Microsoft Outlook SMB Attachment Remote Code Execution Vulnerability (978212)
File : nvt/secpod_ms10-045.nasl
2010-06-09Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
File : nvt/secpod_ms10-036.nasl
Hide | Show 7 More...
idDescription
2010-05-13Name : Microsoft Visual Basic Remote Code Execution Vulnerability (978213)
File : nvt/secpod_ms10-031.nasl
2009-10-21Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl
2008-11-12Name : Microsoft XML Core Services Remote Code Execution Vulnerability (955218)
File : nvt/secpod_ms08-069_900058.nasl
2008-10-15Name : Microsoft Excel Remote Code Execution Vulnerability (956416)
File : nvt/secpod_ms08-057_900048.nasl
2008-09-10Name : Microsoft Office Remote Code Execution Vulnerabilities (955047)
File : nvt/secpod_ms08-055_900046.nasl
2008-08-19Name : Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
File : nvt/secpod_ms08-043_900028.nasl
2008-08-19Name : Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
File : nvt/secpod_ms08-051_900033.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2010-A-0134Microsoft Windows COM Validation Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0025530
2010-A-0094Multiple Vulnerabilities in Microsoft Office Access
Severity : Category II - VMSKEY : V0024850
2010-A-0093Microsoft Office Outlook Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0024852
2009-A-0099Multiple Vulnerabilities in Microsoft GDI+
Severity : Category I - VMSKEY : V0021759
2008-A-0084Multiple Vulnerabilities in Microsoft XML Core Services
Severity : Category II - VMSKEY : V0017877
Hide | Show 2 More...
idDescription
2008-T-0053WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity : Category II - VMSKEY : V0017532
2008-B-0058Microsoft Office Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0017345

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2019-10-01Microsoft Office Excel invalid FRTWrapper record integer underflow attempt
RuleID : 51314 - Type : FILE-OFFICE - Revision : 1
2019-10-01Microsoft Office Excel invalid FRTWrapper record integer underflow attempt
RuleID : 51313 - Type : FILE-OFFICE - Revision : 1
2019-09-17Microsoft XML core services cross-domain information disclosure attempt
RuleID : 51038 - Type : BROWSER-IE - Revision : 1
2019-09-12Microsoft VBE6.dll stack corruption attempt
RuleID : 50959 - Type : FILE-OFFICE - Revision : 1
Hide | Show 20 More...
DateDescription
2019-08-27Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2017-11-28Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 44670 - Type : FILE-OFFICE - Revision : 1
2017-11-28Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 44669 - Type : FILE-OFFICE - Revision : 1
2017-08-24Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 43699 - Type : FILE-OFFICE - Revision : 2
2017-08-24Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 43698 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37699 - Type : FILE-OFFICE - Revision : 4
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37698 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37697 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37696 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37695 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37694 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37693 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37692 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37691 - Type : FILE-OFFICE - Revision : 2
2016-03-14Microsoft Windows malformed WMF meta escape record memory corruption attempt
RuleID : 36856 - Type : FILE-IMAGE - Revision : 2
2014-01-10Microsoft Windows Bitmap width integer overflow multipacket attempt
RuleID : 3634 - Type : WEB-CLIENT - Revision : 9
2014-01-10Microsoft Windows Bitmap width integer overflow attempt
RuleID : 3632 - Type : FILE-IMAGE - Revision : 25
2015-10-01Microsoft Windows Bitmap width integer overflow attempt
RuleID : 35848 - Type : FILE-IMAGE - Revision : 3
2015-03-24Microsoft Office Access multiple control instantiation memory corruption attempt
RuleID : 33548 - Type : BROWSER-PLUGINS - Revision : 2
2015-03-19Microsoft Windows GDI+ TIFF file parsing heap overflow attempt
RuleID : 33518 - Type : FILE-IMAGE - Revision : 3

Nessus® Vulnerability Scanner

idDescription
2014-03-10Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_kb957488.nasl - Type : ACT_GATHER_INFO
2010-10-20Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms08-057.nasl - Type : ACT_GATHER_INFO
2010-10-20Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_aug2008.nasl - Type : ACT_GATHER_INFO
2010-10-13Name : The remote windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms10-083.nasl - Type : ACT_GATHER_INFO
2010-07-13Name : The version of Microsoft Office on the remote Windows host has multiple code ...
File : smb_nt_ms10-044.nasl - Type : ACT_GATHER_INFO
Hide | Show 10 More...
idDescription
2010-07-13Name : The version of Microsoft Office installed on the remote Windows host has a co...
File : smb_nt_ms10-045.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : Arbitrary code can be executed on the remote host through opening a Microsoft...
File : smb_nt_ms10-036.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : Arbitrary code can be executed on the remote host through Visual Basic for Ap...
File : smb_nt_ms10-031.nasl - Type : ACT_GATHER_INFO
2009-10-15Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_nt_ms09-062.nasl - Type : ACT_GATHER_INFO
2008-11-12Name : Arbitrary code can be executed on the remote host through the web or email cl...
File : smb_nt_ms08-069.nasl - Type : ACT_GATHER_INFO
2008-10-15Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : smb_nt_ms08-057.nasl - Type : ACT_GATHER_INFO
2008-09-10Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_nt_ms08-052.nasl - Type : ACT_GATHER_INFO
2008-09-10Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms08-055.nasl - Type : ACT_GATHER_INFO
2008-08-13Name : Arbitrary code can be executed on the remote host through Microsoft Excel.
File : smb_nt_ms08-043.nasl - Type : ACT_GATHER_INFO
2008-08-13Name : Arbitrary code can be executed on the remote host through Microsoft PowerPoint.
File : smb_nt_ms08-051.nasl - Type : ACT_GATHER_INFO