Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    46 vulnerabilities found for frontpage by microsoft

    CVE-2013-3137 (GCVE-0-2013-3137)

    Vulnerability from nvd – Published: 2013-09-11 10:00 – Updated: 2024-08-06 16:00
    VLAI
    Summary
    Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.us-cert.gov/ncas/alerts/TA13-253A third-party-advisoryx_refsource_CERT
    Date Public
    2013-09-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MS13-078",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
              },
              {
                "name": "TA13-253A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka \"XML Disclosure Vulnerability.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "MS13-078",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
            },
            {
              "name": "TA13-253A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2013-3137",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka \"XML Disclosure Vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "MS13-078",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
                },
                {
                  "name": "TA13-253A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2013-3137",
        "datePublished": "2013-09-11T10:00:00.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:00:09.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3068 (GCVE-0-2008-3068)

    Vulnerability from nvd – Published: 2008-07-07 23:00 – Updated: 2024-08-07 09:21
    VLAI
    Summary
    Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2008-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:21:34.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
              },
              {
                "name": "3978",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3978"
              },
              {
                "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
              },
              {
                "name": "28548",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28548"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
              },
              {
                "name": "1019736",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019736"
              },
              {
                "name": "1019738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019738"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
              },
              {
                "name": "1019737",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/techzone/http_over_x509.html"
              },
              {
                "name": "20080703 Unauthorized reading confirmation from Outlook",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
            },
            {
              "name": "3978",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3978"
            },
            {
              "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
            },
            {
              "name": "28548",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28548"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
            },
            {
              "name": "1019736",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019736"
            },
            {
              "name": "1019738",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019738"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
            },
            {
              "name": "1019737",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/techzone/http_over_x509.html"
            },
            {
              "name": "20080703 Unauthorized reading confirmation from Outlook",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3068",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
                },
                {
                  "name": "3978",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3978"
                },
                {
                  "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
                },
                {
                  "name": "28548",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28548"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
                },
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
                },
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
                },
                {
                  "name": "1019736",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019736"
                },
                {
                  "name": "1019738",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019738"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
                },
                {
                  "name": "1019737",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019737"
                },
                {
                  "name": "https://www.cynops.de/techzone/http_over_x509.html",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/techzone/http_over_x509.html"
                },
                {
                  "name": "20080703 Unauthorized reading confirmation from Outlook",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3068",
        "datePublished": "2008-07-07T23:00:00.000Z",
        "dateReserved": "2008-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:21:34.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3109 (GCVE-0-2007-3109)

    Vulnerability from nvd – Published: 2007-06-07 21:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/470458/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/42058 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2784 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-06-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:28.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
              },
              {
                "name": "42058",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42058"
              },
              {
                "name": "2784",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2784"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
            },
            {
              "name": "42058",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42058"
            },
            {
              "name": "2784",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2784"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
                },
                {
                  "name": "42058",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42058"
                },
                {
                  "name": "2784",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2784"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3109",
        "datePublished": "2007-06-07T21:00:00.000Z",
        "dateReserved": "2007-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:28.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0671 (GCVE-0-2007-0671)

    Vulnerability from nvd – Published: 2007-02-03 01:00 – Updated: 2026-01-12 21:01
    VLAI CISA KEVIntel
    Summary
    Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Date Public
    2007-02-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:26:54.332Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0463",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0463"
              },
              {
                "name": "oval:org.mitre.oval:def:301",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
              },
              {
                "name": "31901",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/31901"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
              },
              {
                "name": "VU#613740",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/613740"
              },
              {
                "name": "1017584",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017584"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.avertlabs.com/research/blog/?p=191"
              },
              {
                "name": "24008",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24008"
              },
              {
                "name": "TA07-044A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
              },
              {
                "name": "MS07-015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "name": "office-unspecified-code-execution(32178)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vil.nai.com/vil/content/v_141393.htm"
              },
              {
                "name": "22383",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22383"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2007-0671",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-12T03:55:16.148635Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-08-12",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-12T21:01:27.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "url": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "ADV-2007-0463",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0463"
            },
            {
              "name": "oval:org.mitre.oval:def:301",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
            },
            {
              "name": "31901",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/31901"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
            },
            {
              "name": "VU#613740",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/613740"
            },
            {
              "name": "1017584",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017584"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.avertlabs.com/research/blog/?p=191"
            },
            {
              "name": "24008",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24008"
            },
            {
              "name": "TA07-044A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
            },
            {
              "name": "MS07-015",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
            },
            {
              "name": "office-unspecified-code-execution(32178)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vil.nai.com/vil/content/v_141393.htm"
            },
            {
              "name": "22383",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22383"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2007-0671",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-0463",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0463"
                },
                {
                  "name": "oval:org.mitre.oval:def:301",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
                },
                {
                  "name": "31901",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/31901"
                },
                {
                  "name": "http://www.microsoft.com/technet/security/advisory/932553.mspx",
                  "refsource": "CONFIRM",
                  "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
                },
                {
                  "name": "VU#613740",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/613740"
                },
                {
                  "name": "1017584",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017584"
                },
                {
                  "name": "http://www.avertlabs.com/research/blog/?p=191",
                  "refsource": "MISC",
                  "url": "http://www.avertlabs.com/research/blog/?p=191"
                },
                {
                  "name": "24008",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24008"
                },
                {
                  "name": "TA07-044A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
                },
                {
                  "name": "MS07-015",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
                },
                {
                  "name": "office-unspecified-code-execution(32178)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
                },
                {
                  "name": "http://vil.nai.com/vil/content/v_141393.htm",
                  "refsource": "MISC",
                  "url": "http://vil.nai.com/vil/content/v_141393.htm"
                },
                {
                  "name": "22383",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22383"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2007-0671",
        "datePublished": "2007-02-03T01:00:00.000Z",
        "dateReserved": "2007-02-02T00:00:00.000Z",
        "dateUpdated": "2026-01-12T21:01:27.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2006-3877 (GCVE-0-2006-3877)

    Vulnerability from nvd – Published: 2006-10-10 22:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20325 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/449179/100… vendor-advisoryx_refsource_HP
    http://www.kb.cert.org/vuls/id/205948 third-party-advisoryx_refsource_CERT-VN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.us-cert.gov/cas/techalerts/TA07-044A.html third-party-advisoryx_refsource_CERT
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.vupen.com/english/advisories/2006/3977 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.osvdb.org/29448 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1017030 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.412Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20325",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20325"
              },
              {
                "name": "SSRT061264",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
              },
              {
                "name": "VU#205948",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/205948"
              },
              {
                "name": "oval:org.mitre.oval:def:568",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
              },
              {
                "name": "TA07-044A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
              },
              {
                "name": "HPSBST02161",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
              },
              {
                "name": "MS07-015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "name": "ADV-2006-3977",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3977"
              },
              {
                "name": "oval:org.mitre.oval:def:220",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
              },
              {
                "name": "MS06-058",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
              },
              {
                "name": "29448",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29448"
              },
              {
                "name": "1017030",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017030"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified \"crafted file,\" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "20325",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20325"
            },
            {
              "name": "SSRT061264",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
            },
            {
              "name": "VU#205948",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/205948"
            },
            {
              "name": "oval:org.mitre.oval:def:568",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
            },
            {
              "name": "TA07-044A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
            },
            {
              "name": "HPSBST02161",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
            },
            {
              "name": "MS07-015",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
            },
            {
              "name": "ADV-2006-3977",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3977"
            },
            {
              "name": "oval:org.mitre.oval:def:220",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
            },
            {
              "name": "MS06-058",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
            },
            {
              "name": "29448",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29448"
            },
            {
              "name": "1017030",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017030"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2006-3877",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified \"crafted file,\" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20325",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20325"
                },
                {
                  "name": "SSRT061264",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
                },
                {
                  "name": "VU#205948",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/205948"
                },
                {
                  "name": "oval:org.mitre.oval:def:568",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
                },
                {
                  "name": "TA07-044A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
                },
                {
                  "name": "HPSBST02161",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
                },
                {
                  "name": "MS07-015",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
                },
                {
                  "name": "ADV-2006-3977",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3977"
                },
                {
                  "name": "oval:org.mitre.oval:def:220",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
                },
                {
                  "name": "MS06-058",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
                },
                {
                  "name": "29448",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29448"
                },
                {
                  "name": "1017030",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017030"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2006-3877",
        "datePublished": "2006-10-10T22:00:00.000Z",
        "dateReserved": "2006-07-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2143 (GCVE-0-2005-2143)

    Vulnerability from nvd – Published: 2005-07-05 04:00 – Updated: 2024-09-16 19:30
    VLAI
    Summary
    Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1014352 vdb-entryx_refsource_SECTRACK
    http://www.freewebs.com/xxosfilexx/HungFPage.html x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:15:37.457Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1014352",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014352"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-07-05T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1014352",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014352"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1014352",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014352"
                },
                {
                  "name": "http://www.freewebs.com/xxosfilexx/HungFPage.html",
                  "refsource": "MISC",
                  "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2143",
        "datePublished": "2005-07-05T04:00:00.000Z",
        "dateReserved": "2005-07-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:30:14.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2179 (GCVE-0-2004-2179)

    Vulnerability from nvd – Published: 2005-07-10 04:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/378619 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/378431 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/11412 vdb-entryx_refsource_BID
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.938Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/378619"
              },
              {
                "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/378431"
              },
              {
                "name": "11412",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11412"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-07-10T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/378619"
            },
            {
              "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/378431"
            },
            {
              "name": "11412",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11412"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2179",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/378619"
                },
                {
                  "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/378431"
                },
                {
                  "name": "11412",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11412"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2179",
        "datePublished": "2005-07-10T04:00:00.000Z",
        "dateReserved": "2005-07-10T04:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:34.966Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0573 (GCVE-0-2004-0573)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:24
    VLAI
    Summary
    Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=109519646030906&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/12529 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011251 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011250 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011249 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/449438 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1011252 vdb-entryx_refsource_SECTRACK
    Date Public
    2004-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:24:26.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
              },
              {
                "name": "12529",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12529"
              },
              {
                "name": "oval:org.mitre.oval:def:5021",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
              },
              {
                "name": "1011251",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011251"
              },
              {
                "name": "oval:org.mitre.oval:def:3311",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
              },
              {
                "name": "MS04-027",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
              },
              {
                "name": "wordperfect-converter-message-bo(17306)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
              },
              {
                "name": "oval:org.mitre.oval:def:2670",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
              },
              {
                "name": "oval:org.mitre.oval:def:4005",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
              },
              {
                "name": "1011250",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011250"
              },
              {
                "name": "oval:org.mitre.oval:def:3333",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
              },
              {
                "name": "1011249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011249"
              },
              {
                "name": "VU#449438",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/449438"
              },
              {
                "name": "1011252",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011252"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
            },
            {
              "name": "12529",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12529"
            },
            {
              "name": "oval:org.mitre.oval:def:5021",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
            },
            {
              "name": "1011251",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011251"
            },
            {
              "name": "oval:org.mitre.oval:def:3311",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
            },
            {
              "name": "MS04-027",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
            },
            {
              "name": "wordperfect-converter-message-bo(17306)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
            },
            {
              "name": "oval:org.mitre.oval:def:2670",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
            },
            {
              "name": "oval:org.mitre.oval:def:4005",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
            },
            {
              "name": "1011250",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011250"
            },
            {
              "name": "oval:org.mitre.oval:def:3333",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
            },
            {
              "name": "1011249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011249"
            },
            {
              "name": "VU#449438",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/449438"
            },
            {
              "name": "1011252",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011252"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0573",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
                },
                {
                  "name": "12529",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12529"
                },
                {
                  "name": "oval:org.mitre.oval:def:5021",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
                },
                {
                  "name": "1011251",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011251"
                },
                {
                  "name": "oval:org.mitre.oval:def:3311",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
                },
                {
                  "name": "MS04-027",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
                },
                {
                  "name": "wordperfect-converter-message-bo(17306)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
                },
                {
                  "name": "oval:org.mitre.oval:def:2670",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
                },
                {
                  "name": "oval:org.mitre.oval:def:4005",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
                },
                {
                  "name": "1011250",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011250"
                },
                {
                  "name": "oval:org.mitre.oval:def:3333",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
                },
                {
                  "name": "1011249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011249"
                },
                {
                  "name": "VU#449438",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/449438"
                },
                {
                  "name": "1011252",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011252"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0573",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:24:26.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0200 (GCVE-0-2004-0200)

    Vulnerability from nvd – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.kb.cert.org/vuls/id/297462 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-260A.html third-party-advisoryx_refsource_CERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://marc.info/?l=bugtraq&m=109524346729948&w=2 mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.857Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:3038",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
              },
              {
                "name": "oval:org.mitre.oval:def:1105",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
              },
              {
                "name": "VU#297462",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/297462"
              },
              {
                "name": "TA04-260A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
              },
              {
                "name": "oval:org.mitre.oval:def:3320",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
              },
              {
                "name": "oval:org.mitre.oval:def:2706",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
              },
              {
                "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
              },
              {
                "name": "oval:org.mitre.oval:def:1721",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
              },
              {
                "name": "oval:org.mitre.oval:def:3082",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
              },
              {
                "name": "MS04-028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
              },
              {
                "name": "oval:org.mitre.oval:def:4003",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
              },
              {
                "name": "oval:org.mitre.oval:def:3810",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
              },
              {
                "name": "oval:org.mitre.oval:def:4216",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
              },
              {
                "name": "oval:org.mitre.oval:def:4307",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
              },
              {
                "name": "oval:org.mitre.oval:def:3881",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
              },
              {
                "name": "win-jpeg-bo(16304)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:3038",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
            },
            {
              "name": "oval:org.mitre.oval:def:1105",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
            },
            {
              "name": "VU#297462",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/297462"
            },
            {
              "name": "TA04-260A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:3320",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
            },
            {
              "name": "oval:org.mitre.oval:def:2706",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
            },
            {
              "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:1721",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
            },
            {
              "name": "oval:org.mitre.oval:def:3082",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
            },
            {
              "name": "MS04-028",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
            },
            {
              "name": "oval:org.mitre.oval:def:4003",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
            },
            {
              "name": "oval:org.mitre.oval:def:3810",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
            },
            {
              "name": "oval:org.mitre.oval:def:4216",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
            },
            {
              "name": "oval:org.mitre.oval:def:4307",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
            },
            {
              "name": "oval:org.mitre.oval:def:3881",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
            },
            {
              "name": "win-jpeg-bo(16304)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0200",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oval:org.mitre.oval:def:3038",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
                },
                {
                  "name": "oval:org.mitre.oval:def:1105",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
                },
                {
                  "name": "VU#297462",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/297462"
                },
                {
                  "name": "TA04-260A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:3320",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
                },
                {
                  "name": "oval:org.mitre.oval:def:2706",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
                },
                {
                  "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
                },
                {
                  "name": "oval:org.mitre.oval:def:1721",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
                },
                {
                  "name": "oval:org.mitre.oval:def:3082",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
                },
                {
                  "name": "MS04-028",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
                },
                {
                  "name": "oval:org.mitre.oval:def:4003",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
                },
                {
                  "name": "oval:org.mitre.oval:def:3810",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
                },
                {
                  "name": "oval:org.mitre.oval:def:4216",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
                },
                {
                  "name": "oval:org.mitre.oval:def:4307",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
                },
                {
                  "name": "oval:org.mitre.oval:def:3881",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
                },
                {
                  "name": "win-jpeg-bo(16304)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0200",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-03-11T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0681 (GCVE-0-1999-0681)

    Vulnerability from nvd – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
    VLAI
    Summary
    Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/bugtraq/19… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/568 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:48:37.517Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990807 Crash FrontPage Remotely...",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
              },
              {
                "name": "568",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/568"
              },
              {
                "name": "frontpage-pws-dos(3117)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-02T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990807 Crash FrontPage Remotely...",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
            },
            {
              "name": "568",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/568"
            },
            {
              "name": "frontpage-pws-dos(3117)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0681",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990807 Crash FrontPage Remotely...",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
                },
                {
                  "name": "568",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/568"
                },
                {
                  "name": "frontpage-pws-dos(3117)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0681",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "1999-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:48:37.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0709 (GCVE-0-2000-0709)

    Vulnerability from nvd – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:41.478Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
              },
              {
                "name": "1608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1608"
              },
              {
                "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
            },
            {
              "name": "1608",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1608"
            },
            {
              "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0709",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp",
                  "refsource": "CONFIRM",
                  "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
                },
                {
                  "name": "1608",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1608"
                },
                {
                  "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0709",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:41.478Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0710 (GCVE-0-2000-0710)

    Vulnerability from nvd – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:40.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
              },
              {
                "name": "1608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1608"
              },
              {
                "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-11T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
            },
            {
              "name": "1608",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1608"
            },
            {
              "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp",
                  "refsource": "CONFIRM",
                  "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
                },
                {
                  "name": "1608",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1608"
                },
                {
                  "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0710",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:40.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0746 (GCVE-0-2000-0746)

    Vulnerability from nvd – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/templates/archive.pi… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1594 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/1595 vdb-entryx_refsource_BID
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    Date Public
    2000-08-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:41.328Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F%40nat.bg"
              },
              {
                "name": "1594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1594"
              },
              {
                "name": "1595",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1595"
              },
              {
                "name": "MS00-060",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.  They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client.  The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F%40nat.bg"
            },
            {
              "name": "1594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1594"
            },
            {
              "name": "1595",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1595"
            },
            {
              "name": "MS00-060",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0746",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.  They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client.  The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F@nat.bg"
                },
                {
                  "name": "1594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1594"
                },
                {
                  "name": "1595",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1595"
                },
                {
                  "name": "MS00-060",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0746",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:41.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2013-3137 (GCVE-0-2013-3137)

    Vulnerability from cvelistv5 – Published: 2013-09-11 10:00 – Updated: 2024-08-06 16:00
    VLAI
    Summary
    Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure Vulnerability."
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.us-cert.gov/ncas/alerts/TA13-253A third-party-advisoryx_refsource_CERT
    Date Public
    2013-09-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T16:00:09.784Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MS13-078",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
              },
              {
                "name": "TA13-253A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2013-09-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka \"XML Disclosure Vulnerability.\""
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "MS13-078",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
            },
            {
              "name": "TA13-253A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2013-3137",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka \"XML Disclosure Vulnerability.\""
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "MS13-078",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2013/ms13-078"
                },
                {
                  "name": "TA13-253A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/ncas/alerts/TA13-253A"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2013-3137",
        "datePublished": "2013-09-11T10:00:00.000Z",
        "dateReserved": "2013-04-17T00:00:00.000Z",
        "dateUpdated": "2024-08-06T16:00:09.784Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2008-3068 (GCVE-0-2008-3068)

    Vulnerability from cvelistv5 – Published: 2008-07-07 23:00 – Updated: 2024-08-07 09:21
    VLAI
    Summary
    Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    Date Public
    2008-07-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T09:21:34.955Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
              },
              {
                "name": "3978",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/3978"
              },
              {
                "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
              },
              {
                "name": "28548",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/28548"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
              },
              {
                "name": "1019736",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019736"
              },
              {
                "name": "1019738",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019738"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
              },
              {
                "name": "1019737",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1019737"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.cynops.de/techzone/http_over_x509.html"
              },
              {
                "name": "20080703 Unauthorized reading confirmation from Outlook",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2008-07-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-11T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
            },
            {
              "name": "3978",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/3978"
            },
            {
              "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
            },
            {
              "name": "28548",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/28548"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
            },
            {
              "name": "1019736",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019736"
            },
            {
              "name": "1019738",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019738"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
            },
            {
              "name": "1019737",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1019737"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.cynops.de/techzone/http_over_x509.html"
            },
            {
              "name": "20080703 Unauthorized reading confirmation from Outlook",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2008-3068",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-003.txt"
                },
                {
                  "name": "3978",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/3978"
                },
                {
                  "name": "20080709 Re: Unauthorized reading confirmation from Outlook",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/494101/100/0/threaded"
                },
                {
                  "name": "28548",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/28548"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-004-office2007-signatures.txt"
                },
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-002.txt"
                },
                {
                  "name": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/advisories/AKLINK-SA-2008-004.txt"
                },
                {
                  "name": "1019736",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019736"
                },
                {
                  "name": "1019738",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019738"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-003-live-mail-smime.txt"
                },
                {
                  "name": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt",
                  "refsource": "MISC",
                  "url": "https://www.klink.name/security/aklink-sa-2008-002-outlook-smime.txt"
                },
                {
                  "name": "1019737",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1019737"
                },
                {
                  "name": "https://www.cynops.de/techzone/http_over_x509.html",
                  "refsource": "MISC",
                  "url": "https://www.cynops.de/techzone/http_over_x509.html"
                },
                {
                  "name": "20080703 Unauthorized reading confirmation from Outlook",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/493947/100/0/threaded"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2008-3068",
        "datePublished": "2008-07-07T23:00:00.000Z",
        "dateReserved": "2008-07-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T09:21:34.955Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-3109 (GCVE-0-2007-3109)

    Vulnerability from cvelistv5 – Published: 2007-06-07 21:00 – Updated: 2024-08-07 14:05
    VLAI
    Summary
    The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/470458/100… mailing-listx_refsource_BUGTRAQ
    http://osvdb.org/42058 vdb-entryx_refsource_OSVDB
    http://securityreason.com/securityalert/2784 third-party-advisoryx_refsource_SREASON
    Date Public
    2007-06-03 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T14:05:28.542Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
              },
              {
                "name": "42058",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/42058"
              },
              {
                "name": "2784",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SREASON",
                  "x_transferred"
                ],
                "url": "http://securityreason.com/securityalert/2784"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-06-03T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-16T14:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
            },
            {
              "name": "42058",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/42058"
            },
            {
              "name": "2784",
              "tags": [
                "third-party-advisory",
                "x_refsource_SREASON"
              ],
              "url": "http://securityreason.com/securityalert/2784"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2007-3109",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20070603 CERN \u0026#304;mage Map Dispatcher",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/470458/100/0/threaded"
                },
                {
                  "name": "42058",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/42058"
                },
                {
                  "name": "2784",
                  "refsource": "SREASON",
                  "url": "http://securityreason.com/securityalert/2784"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2007-3109",
        "datePublished": "2007-06-07T21:00:00.000Z",
        "dateReserved": "2007-06-07T00:00:00.000Z",
        "dateUpdated": "2024-08-07T14:05:28.542Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2007-0671 (GCVE-0-2007-0671)

    Vulnerability from cvelistv5 – Published: 2007-02-03 01:00 – Updated: 2026-01-12 21:01
    VLAI CISA KEVIntel
    Summary
    Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
    SSVC
    Exploitation: active Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    Assigner
    Date Public
    2007-02-02 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T12:26:54.332Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "ADV-2007-0463",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2007/0463"
              },
              {
                "name": "oval:org.mitre.oval:def:301",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
              },
              {
                "name": "31901",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://osvdb.org/31901"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
              },
              {
                "name": "VU#613740",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/613740"
              },
              {
                "name": "1017584",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017584"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.avertlabs.com/research/blog/?p=191"
              },
              {
                "name": "24008",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/24008"
              },
              {
                "name": "TA07-044A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
              },
              {
                "name": "MS07-015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "name": "office-unspecified-code-execution(32178)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://vil.nai.com/vil/content/v_141393.htm"
              },
              {
                "name": "22383",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/22383"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "cvssV3_1": {
                  "attackComplexity": "LOW",
                  "attackVector": "NETWORK",
                  "availabilityImpact": "HIGH",
                  "baseScore": 8.8,
                  "baseSeverity": "HIGH",
                  "confidentialityImpact": "HIGH",
                  "integrityImpact": "HIGH",
                  "privilegesRequired": "NONE",
                  "scope": "UNCHANGED",
                  "userInteraction": "REQUIRED",
                  "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
                  "version": "3.1"
                }
              },
              {
                "other": {
                  "content": {
                    "id": "CVE-2007-0671",
                    "options": [
                      {
                        "Exploitation": "active"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-08-12T03:55:16.148635Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              },
              {
                "other": {
                  "content": {
                    "dateAdded": "2025-08-12",
                    "reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671"
                  },
                  "type": "kev"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "description": "CWE-noinfo Not enough information",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2026-01-12T21:01:27.416Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "references": [
              {
                "url": "https://learn.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "tags": [
                  "government-resource"
                ],
                "url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2007-0671"
              }
            ],
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2007-02-02T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "ADV-2007-0463",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2007/0463"
            },
            {
              "name": "oval:org.mitre.oval:def:301",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
            },
            {
              "name": "31901",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://osvdb.org/31901"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
            },
            {
              "name": "VU#613740",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/613740"
            },
            {
              "name": "1017584",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017584"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.avertlabs.com/research/blog/?p=191"
            },
            {
              "name": "24008",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/24008"
            },
            {
              "name": "TA07-044A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
            },
            {
              "name": "MS07-015",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
            },
            {
              "name": "office-unspecified-code-execution(32178)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://vil.nai.com/vil/content/v_141393.htm"
            },
            {
              "name": "22383",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/22383"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2007-0671",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "ADV-2007-0463",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2007/0463"
                },
                {
                  "name": "oval:org.mitre.oval:def:301",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A301"
                },
                {
                  "name": "31901",
                  "refsource": "OSVDB",
                  "url": "http://osvdb.org/31901"
                },
                {
                  "name": "http://www.microsoft.com/technet/security/advisory/932553.mspx",
                  "refsource": "CONFIRM",
                  "url": "http://www.microsoft.com/technet/security/advisory/932553.mspx"
                },
                {
                  "name": "VU#613740",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/613740"
                },
                {
                  "name": "1017584",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017584"
                },
                {
                  "name": "http://www.avertlabs.com/research/blog/?p=191",
                  "refsource": "MISC",
                  "url": "http://www.avertlabs.com/research/blog/?p=191"
                },
                {
                  "name": "24008",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/24008"
                },
                {
                  "name": "TA07-044A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
                },
                {
                  "name": "MS07-015",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
                },
                {
                  "name": "office-unspecified-code-execution(32178)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/32178"
                },
                {
                  "name": "http://vil.nai.com/vil/content/v_141393.htm",
                  "refsource": "MISC",
                  "url": "http://vil.nai.com/vil/content/v_141393.htm"
                },
                {
                  "name": "22383",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/22383"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2007-0671",
        "datePublished": "2007-02-03T01:00:00.000Z",
        "dateReserved": "2007-02-02T00:00:00.000Z",
        "dateUpdated": "2026-01-12T21:01:27.416Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.2"
    }

    CVE-2006-3877 (GCVE-0-2006-3877)

    Vulnerability from cvelistv5 – Published: 2006-10-10 22:00 – Updated: 2024-08-07 18:48
    VLAI
    Summary
    Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/bid/20325 vdb-entryx_refsource_BID
    http://www.securityfocus.com/archive/1/449179/100… vendor-advisoryx_refsource_HP
    http://www.kb.cert.org/vuls/id/205948 third-party-advisoryx_refsource_CERT-VN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.us-cert.gov/cas/techalerts/TA07-044A.html third-party-advisoryx_refsource_CERT
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.vupen.com/english/advisories/2006/3977 vdb-entryx_refsource_VUPEN
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.osvdb.org/29448 vdb-entryx_refsource_OSVDB
    http://securitytracker.com/id?1017030 vdb-entryx_refsource_SECTRACK
    Date Public
    2006-10-10 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T18:48:39.412Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20325",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/20325"
              },
              {
                "name": "SSRT061264",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
              },
              {
                "name": "VU#205948",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/205948"
              },
              {
                "name": "oval:org.mitre.oval:def:568",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
              },
              {
                "name": "TA07-044A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
              },
              {
                "name": "HPSBST02161",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_HP",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
              },
              {
                "name": "MS07-015",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
              },
              {
                "name": "ADV-2006-3977",
                "tags": [
                  "vdb-entry",
                  "x_refsource_VUPEN",
                  "x_transferred"
                ],
                "url": "http://www.vupen.com/english/advisories/2006/3977"
              },
              {
                "name": "oval:org.mitre.oval:def:220",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
              },
              {
                "name": "MS06-058",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
              },
              {
                "name": "29448",
                "tags": [
                  "vdb-entry",
                  "x_refsource_OSVDB",
                  "x_transferred"
                ],
                "url": "http://www.osvdb.org/29448"
              },
              {
                "name": "1017030",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1017030"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2006-10-10T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified \"crafted file,\" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-17T20:57:01.000Z",
            "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
            "shortName": "microsoft"
          },
          "references": [
            {
              "name": "20325",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/20325"
            },
            {
              "name": "SSRT061264",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
            },
            {
              "name": "VU#205948",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/205948"
            },
            {
              "name": "oval:org.mitre.oval:def:568",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
            },
            {
              "name": "TA07-044A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
            },
            {
              "name": "HPSBST02161",
              "tags": [
                "vendor-advisory",
                "x_refsource_HP"
              ],
              "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
            },
            {
              "name": "MS07-015",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
            },
            {
              "name": "ADV-2006-3977",
              "tags": [
                "vdb-entry",
                "x_refsource_VUPEN"
              ],
              "url": "http://www.vupen.com/english/advisories/2006/3977"
            },
            {
              "name": "oval:org.mitre.oval:def:220",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
            },
            {
              "name": "MS06-058",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
            },
            {
              "name": "29448",
              "tags": [
                "vdb-entry",
                "x_refsource_OSVDB"
              ],
              "url": "http://www.osvdb.org/29448"
            },
            {
              "name": "1017030",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1017030"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secure@microsoft.com",
              "ID": "CVE-2006-3877",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified \"crafted file,\" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20325",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/20325"
                },
                {
                  "name": "SSRT061264",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
                },
                {
                  "name": "VU#205948",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/205948"
                },
                {
                  "name": "oval:org.mitre.oval:def:568",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A568"
                },
                {
                  "name": "TA07-044A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA07-044A.html"
                },
                {
                  "name": "HPSBST02161",
                  "refsource": "HP",
                  "url": "http://www.securityfocus.com/archive/1/449179/100/0/threaded"
                },
                {
                  "name": "MS07-015",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2007/ms07-015"
                },
                {
                  "name": "ADV-2006-3977",
                  "refsource": "VUPEN",
                  "url": "http://www.vupen.com/english/advisories/2006/3977"
                },
                {
                  "name": "oval:org.mitre.oval:def:220",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A220"
                },
                {
                  "name": "MS06-058",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2006/ms06-058"
                },
                {
                  "name": "29448",
                  "refsource": "OSVDB",
                  "url": "http://www.osvdb.org/29448"
                },
                {
                  "name": "1017030",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1017030"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
        "assignerShortName": "microsoft",
        "cveId": "CVE-2006-3877",
        "datePublished": "2006-10-10T22:00:00.000Z",
        "dateReserved": "2006-07-26T00:00:00.000Z",
        "dateUpdated": "2024-08-07T18:48:39.412Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-2179 (GCVE-0-2004-2179)

    Vulnerability from cvelistv5 – Published: 2005-07-10 04:00 – Updated: 2024-09-16 19:19
    VLAI
    Summary
    asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/archive/1/378619 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/archive/1/378431 mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/11412 vdb-entryx_refsource_BID
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T01:15:01.938Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/378619"
              },
              {
                "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/archive/1/378431"
              },
              {
                "name": "11412",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/11412"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-07-10T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/378619"
            },
            {
              "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/archive/1/378431"
            },
            {
              "name": "11412",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/11412"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-2179",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20041015 Re: New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/378619"
                },
                {
                  "name": "20041014 New Remote Microsoft JPEG DoS Vulnerability + Other Potential Security Vulnerabilitys in asycpict.dll 1.0 Advisory",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/archive/1/378431"
                },
                {
                  "name": "11412",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/11412"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-2179",
        "datePublished": "2005-07-10T04:00:00.000Z",
        "dateReserved": "2005-07-10T04:00:00.000Z",
        "dateUpdated": "2024-09-16T19:19:34.966Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2005-2143 (GCVE-0-2005-2143)

    Vulnerability from cvelistv5 – Published: 2005-07-05 04:00 – Updated: 2024-09-16 19:30
    VLAI
    Summary
    Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://securitytracker.com/id?1014352 vdb-entryx_refsource_SECTRACK
    http://www.freewebs.com/xxosfilexx/HungFPage.html x_refsource_MISC
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-07T22:15:37.457Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "1014352",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1014352"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-07-05T04:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "1014352",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1014352"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2005-2143",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "1014352",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1014352"
                },
                {
                  "name": "http://www.freewebs.com/xxosfilexx/HungFPage.html",
                  "refsource": "MISC",
                  "url": "http://www.freewebs.com/xxosfilexx/HungFPage.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2005-2143",
        "datePublished": "2005-07-05T04:00:00.000Z",
        "dateReserved": "2005-07-05T00:00:00.000Z",
        "dateUpdated": "2024-09-16T19:30:14.655Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0573 (GCVE-0-2004-0573)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:24
    VLAI
    Summary
    Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=109519646030906&w=2 mailing-listx_refsource_BUGTRAQ
    http://secunia.com/advisories/12529 third-party-advisoryx_refsource_SECUNIA
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011251 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011250 vdb-entryx_refsource_SECTRACK
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://securitytracker.com/id?1011249 vdb-entryx_refsource_SECTRACK
    http://www.kb.cert.org/vuls/id/449438 third-party-advisoryx_refsource_CERT-VN
    http://securitytracker.com/id?1011252 vdb-entryx_refsource_SECTRACK
    Date Public
    2004-09-14 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:24:26.654Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
              },
              {
                "name": "12529",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/12529"
              },
              {
                "name": "oval:org.mitre.oval:def:5021",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
              },
              {
                "name": "1011251",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011251"
              },
              {
                "name": "oval:org.mitre.oval:def:3311",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
              },
              {
                "name": "MS04-027",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
              },
              {
                "name": "wordperfect-converter-message-bo(17306)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
              },
              {
                "name": "oval:org.mitre.oval:def:2670",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
              },
              {
                "name": "oval:org.mitre.oval:def:4005",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
              },
              {
                "name": "1011250",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011250"
              },
              {
                "name": "oval:org.mitre.oval:def:3333",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
              },
              {
                "name": "1011249",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011249"
              },
              {
                "name": "VU#449438",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/449438"
              },
              {
                "name": "1011252",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://securitytracker.com/id?1011252"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-14T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
            },
            {
              "name": "12529",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/12529"
            },
            {
              "name": "oval:org.mitre.oval:def:5021",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
            },
            {
              "name": "1011251",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011251"
            },
            {
              "name": "oval:org.mitre.oval:def:3311",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
            },
            {
              "name": "MS04-027",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
            },
            {
              "name": "wordperfect-converter-message-bo(17306)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
            },
            {
              "name": "oval:org.mitre.oval:def:2670",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
            },
            {
              "name": "oval:org.mitre.oval:def:4005",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
            },
            {
              "name": "1011250",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011250"
            },
            {
              "name": "oval:org.mitre.oval:def:3333",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
            },
            {
              "name": "1011249",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011249"
            },
            {
              "name": "VU#449438",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/449438"
            },
            {
              "name": "1011252",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://securitytracker.com/id?1011252"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0573",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20040914 Microsoft Office WordPerfect Converter Buffer Overflow Vulnerability",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109519646030906\u0026w=2"
                },
                {
                  "name": "12529",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/12529"
                },
                {
                  "name": "oval:org.mitre.oval:def:5021",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5021"
                },
                {
                  "name": "1011251",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011251"
                },
                {
                  "name": "oval:org.mitre.oval:def:3311",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3311"
                },
                {
                  "name": "MS04-027",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-027"
                },
                {
                  "name": "wordperfect-converter-message-bo(17306)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/17306"
                },
                {
                  "name": "oval:org.mitre.oval:def:2670",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2670"
                },
                {
                  "name": "oval:org.mitre.oval:def:4005",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4005"
                },
                {
                  "name": "1011250",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011250"
                },
                {
                  "name": "oval:org.mitre.oval:def:3333",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3333"
                },
                {
                  "name": "1011249",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011249"
                },
                {
                  "name": "VU#449438",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/449438"
                },
                {
                  "name": "1011252",
                  "refsource": "SECTRACK",
                  "url": "http://securitytracker.com/id?1011252"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0573",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-06-15T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:24:26.654Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2004-0200 (GCVE-0-2004-0200)

    Vulnerability from cvelistv5 – Published: 2004-09-17 04:00 – Updated: 2024-08-08 00:10
    VLAI
    Summary
    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://www.kb.cert.org/vuls/id/297462 third-party-advisoryx_refsource_CERT-VN
    http://www.us-cert.gov/cas/techalerts/TA04-260A.html third-party-advisoryx_refsource_CERT
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    http://marc.info/?l=bugtraq&m=109524346729948&w=2 mailing-listx_refsource_BUGTRAQ
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://oval.cisecurity.org/repository/search/def… vdb-entrysignaturex_refsource_OVAL
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Date Public
    2004-09-15 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T00:10:03.857Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "oval:org.mitre.oval:def:3038",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
              },
              {
                "name": "oval:org.mitre.oval:def:1105",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
              },
              {
                "name": "VU#297462",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT-VN",
                  "x_transferred"
                ],
                "url": "http://www.kb.cert.org/vuls/id/297462"
              },
              {
                "name": "TA04-260A",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
              },
              {
                "name": "oval:org.mitre.oval:def:3320",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
              },
              {
                "name": "oval:org.mitre.oval:def:2706",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
              },
              {
                "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
              },
              {
                "name": "oval:org.mitre.oval:def:1721",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
              },
              {
                "name": "oval:org.mitre.oval:def:3082",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
              },
              {
                "name": "MS04-028",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
              },
              {
                "name": "oval:org.mitre.oval:def:4003",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
              },
              {
                "name": "oval:org.mitre.oval:def:3810",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
              },
              {
                "name": "oval:org.mitre.oval:def:4216",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
              },
              {
                "name": "oval:org.mitre.oval:def:4307",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
              },
              {
                "name": "oval:org.mitre.oval:def:3881",
                "tags": [
                  "vdb-entry",
                  "signature",
                  "x_refsource_OVAL",
                  "x_transferred"
                ],
                "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
              },
              {
                "name": "win-jpeg-bo(16304)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2004-09-15T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "oval:org.mitre.oval:def:3038",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
            },
            {
              "name": "oval:org.mitre.oval:def:1105",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
            },
            {
              "name": "VU#297462",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT-VN"
              ],
              "url": "http://www.kb.cert.org/vuls/id/297462"
            },
            {
              "name": "TA04-260A",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
            },
            {
              "name": "oval:org.mitre.oval:def:3320",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
            },
            {
              "name": "oval:org.mitre.oval:def:2706",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
            },
            {
              "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
            },
            {
              "name": "oval:org.mitre.oval:def:1721",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
            },
            {
              "name": "oval:org.mitre.oval:def:3082",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
            },
            {
              "name": "MS04-028",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
            },
            {
              "name": "oval:org.mitre.oval:def:4003",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
            },
            {
              "name": "oval:org.mitre.oval:def:3810",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
            },
            {
              "name": "oval:org.mitre.oval:def:4216",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
            },
            {
              "name": "oval:org.mitre.oval:def:4307",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
            },
            {
              "name": "oval:org.mitre.oval:def:3881",
              "tags": [
                "vdb-entry",
                "signature",
                "x_refsource_OVAL"
              ],
              "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
            },
            {
              "name": "win-jpeg-bo(16304)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2004-0200",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "oval:org.mitre.oval:def:3038",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3038"
                },
                {
                  "name": "oval:org.mitre.oval:def:1105",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1105"
                },
                {
                  "name": "VU#297462",
                  "refsource": "CERT-VN",
                  "url": "http://www.kb.cert.org/vuls/id/297462"
                },
                {
                  "name": "TA04-260A",
                  "refsource": "CERT",
                  "url": "http://www.us-cert.gov/cas/techalerts/TA04-260A.html"
                },
                {
                  "name": "oval:org.mitre.oval:def:3320",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3320"
                },
                {
                  "name": "oval:org.mitre.oval:def:2706",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A2706"
                },
                {
                  "name": "20040914 Microsoft GDIPlus.DLL JPEG Parsing Engine Buffer Overflow",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=109524346729948\u0026w=2"
                },
                {
                  "name": "oval:org.mitre.oval:def:1721",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A1721"
                },
                {
                  "name": "oval:org.mitre.oval:def:3082",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3082"
                },
                {
                  "name": "MS04-028",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2004/ms04-028"
                },
                {
                  "name": "oval:org.mitre.oval:def:4003",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4003"
                },
                {
                  "name": "oval:org.mitre.oval:def:3810",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3810"
                },
                {
                  "name": "oval:org.mitre.oval:def:4216",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4216"
                },
                {
                  "name": "oval:org.mitre.oval:def:4307",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A4307"
                },
                {
                  "name": "oval:org.mitre.oval:def:3881",
                  "refsource": "OVAL",
                  "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3881"
                },
                {
                  "name": "win-jpeg-bo(16304)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/16304"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2004-0200",
        "datePublished": "2004-09-17T04:00:00.000Z",
        "dateReserved": "2004-03-11T00:00:00.000Z",
        "dateUpdated": "2024-08-08T00:10:03.857Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-1052 (GCVE-0-1999-1052)

    Vulnerability from cvelistv5 – Published: 2001-09-12 04:00 – Updated: 2024-08-01 16:55
    VLAI
    Summary
    Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=bugtraq&m=93582550911564&w=2 mailing-listx_refsource_BUGTRAQ
    Date Public
    1999-08-24 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:55:29.511Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990824 Front Page form_results",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=bugtraq\u0026m=93582550911564\u0026w=2"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "1999-08-24T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990824 Front Page form_results",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://marc.info/?l=bugtraq\u0026m=93582550911564\u0026w=2"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-1052",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft FrontPage stores form results in a default location in /_private/form_results.txt, which is world-readable and accessible in the document root, which allows remote attackers to read possibly sensitive information submitted by other users."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990824 Front Page form_results",
                  "refsource": "BUGTRAQ",
                  "url": "http://marc.info/?l=bugtraq\u0026m=93582550911564\u0026w=2"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-1052",
        "datePublished": "2001-09-12T04:00:00.000Z",
        "dateReserved": "2001-08-31T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:55:29.511Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-1016 (GCVE-0-1999-1016)

    Vulnerability from cvelistv5 – Published: 2001-09-12 04:00 – Updated: 2024-08-01 16:55
    VLAI
    Summary
    Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://marc.info/?l=ntbugtraq&m=93578772920970&w=2 mailing-listx_refsource_NTBUGTRAQ
    http://www.securityfocus.com/bid/606 vdb-entryx_refsource_BID
    Date Public
    1999-08-27 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:55:29.417Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990827 HTML code to crash IE5 and Outlook Express 5",
                "tags": [
                  "mailing-list",
                  "x_refsource_NTBUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://marc.info/?l=ntbugtraq\u0026m=93578772920970\u0026w=2"
              },
              {
                "name": "606",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/606"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "1999-08-27T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2016-10-17T13:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990827 HTML code to crash IE5 and Outlook Express 5",
              "tags": [
                "mailing-list",
                "x_refsource_NTBUGTRAQ"
              ],
              "url": "http://marc.info/?l=ntbugtraq\u0026m=93578772920970\u0026w=2"
            },
            {
              "name": "606",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/606"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-1016",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Microsoft HTML control as used in (1) Internet Explorer 5.0, (2) FrontPage Express, (3) Outlook Express 5, and (4) Eudora, and possibly others, allows remote malicious web site or HTML emails to cause a denial of service (100% CPU consumption) via large HTML form fields such as text inputs in a table cell."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990827 HTML code to crash IE5 and Outlook Express 5",
                  "refsource": "NTBUGTRAQ",
                  "url": "http://marc.info/?l=ntbugtraq\u0026m=93578772920970\u0026w=2"
                },
                {
                  "name": "606",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/606"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-1016",
        "datePublished": "2001-09-12T04:00:00.000Z",
        "dateReserved": "2001-08-31T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:55:29.417Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-1999-0681 (GCVE-0-1999-0681)

    Vulnerability from cvelistv5 – Published: 2001-05-07 04:00 – Updated: 2024-08-01 16:48
    VLAI
    Summary
    Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/bugtraq/19… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/568 vdb-entryx_refsource_BID
    https://exchange.xforce.ibmcloud.com/vulnerabilit… vdb-entryx_refsource_XF
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-01T16:48:37.517Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "19990807 Crash FrontPage Remotely...",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
              },
              {
                "name": "568",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/568"
              },
              {
                "name": "frontpage-pws-dos(3117)",
                "tags": [
                  "vdb-entry",
                  "x_refsource_XF",
                  "x_transferred"
                ],
                "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-02T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "19990807 Crash FrontPage Remotely...",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
            },
            {
              "name": "568",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/568"
            },
            {
              "name": "frontpage-pws-dos(3117)",
              "tags": [
                "vdb-entry",
                "x_refsource_XF"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-1999-0681",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "19990807 Crash FrontPage Remotely...",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/1999-q3/0381.html"
                },
                {
                  "name": "568",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/568"
                },
                {
                  "name": "frontpage-pws-dos(3117)",
                  "refsource": "XF",
                  "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/3117"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-1999-0681",
        "datePublished": "2001-05-07T04:00:00.000Z",
        "dateReserved": "1999-11-25T00:00:00.000Z",
        "dateUpdated": "2024-08-01T16:48:37.517Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0709 (GCVE-0-2000-0709)

    Vulnerability from cvelistv5 – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:41.478Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
              },
              {
                "name": "1608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1608"
              },
              {
                "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
            },
            {
              "name": "1608",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1608"
            },
            {
              "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0709",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp",
                  "refsource": "CONFIRM",
                  "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
                },
                {
                  "name": "1608",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1608"
                },
                {
                  "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0709",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:41.478Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0710 (GCVE-0-2000-0710)

    Vulnerability from cvelistv5 – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    Date Public
    2000-08-23 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:40.980Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
              },
              {
                "name": "1608",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1608"
              },
              {
                "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-23T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-07-11T16:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
            },
            {
              "name": "1608",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1608"
            },
            {
              "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0710",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp",
                  "refsource": "CONFIRM",
                  "url": "http://msdn.microsoft.com/workshop/languages/fp/2000/sr12.asp"
                },
                {
                  "name": "1608",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1608"
                },
                {
                  "name": "20000823 Xato Advisory: FrontPage DOS Device DoS",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-08/0288.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0710",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:40.980Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0746 (GCVE-0-2000-0746)

    Vulnerability from cvelistv5 – Published: 2000-09-21 04:00 – Updated: 2024-08-08 05:28
    VLAI
    Summary
    Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks. They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client. The client then executes those scripts in the same context as the trusted site, aka the "IIS Cross-Site Scripting" vulnerabilities.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://www.securityfocus.com/templates/archive.pi… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1594 vdb-entryx_refsource_BID
    http://www.securityfocus.com/bid/1595 vdb-entryx_refsource_BID
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    Date Public
    2000-08-20 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:28:41.328Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F%40nat.bg"
              },
              {
                "name": "1594",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1594"
              },
              {
                "name": "1595",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1595"
              },
              {
                "name": "MS00-060",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-08-20T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.  They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client.  The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2018-10-12T19:57:01.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F%40nat.bg"
            },
            {
              "name": "1594",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1594"
            },
            {
              "name": "1595",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1595"
            },
            {
              "name": "MS00-060",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0746",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.  They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client.  The client then executes those scripts in the same context as the trusted site, aka the \"IIS Cross-Site Scripting\" vulnerabilities."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20000821 IIS 5.0 cross site scripting vulnerability - using .shtml files or /_vti_bin/shtml.dll",
                  "refsource": "BUGTRAQ",
                  "url": "http://www.securityfocus.com/templates/archive.pike?list=1\u0026msg=39A12BD6.E811BF4F@nat.bg"
                },
                {
                  "name": "1594",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1594"
                },
                {
                  "name": "1595",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1595"
                },
                {
                  "name": "MS00-060",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-060"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0746",
        "datePublished": "2000-09-21T04:00:00.000Z",
        "dateReserved": "2000-09-19T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:28:41.328Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0419 (GCVE-0-2000-0419)

    Vulnerability from cvelistv5 – Published: 2000-07-12 04:00 – Updated: 2024-08-08 05:14
    VLAI
    Summary
    The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    https://docs.microsoft.com/en-us/security-updates… vendor-advisoryx_refsource_MS
    http://www.securityfocus.com/bid/1197 vdb-entryx_refsource_BID
    http://www.microsoft.com/technet/support/kb.asp?I… vendor-advisoryx_refsource_MSKB
    http://www.cert.org/advisories/CA-2000-07.html third-party-advisoryx_refsource_CERT
    Date Public
    2000-05-11 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:14:21.483Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "MS00-034",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MS",
                  "x_transferred"
                ],
                "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034"
              },
              {
                "name": "1197",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1197"
              },
              {
                "name": "Q262767",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MSKB",
                  "x_transferred"
                ],
                "url": "http://www.microsoft.com/technet/support/kb.asp?ID=262767"
              },
              {
                "name": "CA-2000-07",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_CERT",
                  "x_transferred"
                ],
                "url": "http://www.cert.org/advisories/CA-2000-07.html"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-05-11T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The Office 2000 UA ActiveX Control is marked as \"safe for scripting,\" which allows remote attackers to conduct unauthorized activities via the \"Show Me\" function in Office Help, aka the \"Office 2000 UA Control\" vulnerability."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2005-11-02T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "MS00-034",
              "tags": [
                "vendor-advisory",
                "x_refsource_MS"
              ],
              "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034"
            },
            {
              "name": "1197",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1197"
            },
            {
              "name": "Q262767",
              "tags": [
                "vendor-advisory",
                "x_refsource_MSKB"
              ],
              "url": "http://www.microsoft.com/technet/support/kb.asp?ID=262767"
            },
            {
              "name": "CA-2000-07",
              "tags": [
                "third-party-advisory",
                "x_refsource_CERT"
              ],
              "url": "http://www.cert.org/advisories/CA-2000-07.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0419",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The Office 2000 UA ActiveX Control is marked as \"safe for scripting,\" which allows remote attackers to conduct unauthorized activities via the \"Show Me\" function in Office Help, aka the \"Office 2000 UA Control\" vulnerability."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "MS00-034",
                  "refsource": "MS",
                  "url": "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2000/ms00-034"
                },
                {
                  "name": "1197",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1197"
                },
                {
                  "name": "Q262767",
                  "refsource": "MSKB",
                  "url": "http://www.microsoft.com/technet/support/kb.asp?ID=262767"
                },
                {
                  "name": "CA-2000-07",
                  "refsource": "CERT",
                  "url": "http://www.cert.org/advisories/CA-2000-07.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0419",
        "datePublished": "2000-07-12T04:00:00.000Z",
        "dateReserved": "2000-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:14:21.483Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2000-0413 (GCVE-0-2000-0413)

    Vulnerability from cvelistv5 – Published: 2000-06-15 04:00 – Updated: 2024-08-08 05:14
    VLAI
    Summary
    The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://archives.neohapsis.com/archives/bugtraq/20… mailing-listx_refsource_BUGTRAQ
    http://www.securityfocus.com/bid/1174 vdb-entryx_refsource_BID
    Date Public
    2000-05-06 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-08T05:14:21.497Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "20000506 shtml.exe reveal local path of IIS web directory",
                "tags": [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
                  "x_transferred"
                ],
                "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0084.html"
              },
              {
                "name": "1174",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/1174"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2000-05-06T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2003-03-21T10:00:00.000Z",
            "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
            "shortName": "mitre"
          },
          "references": [
            {
              "name": "20000506 shtml.exe reveal local path of IIS web directory",
              "tags": [
                "mailing-list",
                "x_refsource_BUGTRAQ"
              ],
              "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0084.html"
            },
            {
              "name": "1174",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/1174"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "cve@mitre.org",
              "ID": "CVE-2000-0413",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "20000506 shtml.exe reveal local path of IIS web directory",
                  "refsource": "BUGTRAQ",
                  "url": "http://archives.neohapsis.com/archives/bugtraq/2000-05/0084.html"
                },
                {
                  "name": "1174",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/1174"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "assignerShortName": "mitre",
        "cveId": "CVE-2000-0413",
        "datePublished": "2000-06-15T04:00:00.000Z",
        "dateReserved": "2000-06-14T00:00:00.000Z",
        "dateUpdated": "2024-08-08T05:14:21.497Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }