CyberSecurityBoard
Sponsor Register Login

CVE-2009-0562

The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office Small Business Accounting 2006 does not properly allocate memory, which allows remote attackers to execute arbitrary code via unspecified vectors that trigger "system state" corruption, aka "Office Web Components Memory Allocation Vulnerability."

Publication date: Wed, 12 Aug 2009 22:30:00 +0000


Cyber News related to CVE-2009-0562

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
11 years ago
CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
11 years ago
CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
54 years ago Tenable.com
CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
4 years ago
CVE-2009-0562 - The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and ...
5 years ago
CVE-2011-0588 - Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different ...
5 years ago
CVE-2011-0562 - Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different ...
5 years ago
CVE-2011-0570 - Untrusted search path vulnerability in Adobe Reader and Acrobat 10.x before 10.0.1, 9.x before 9.4.2, and 8.x before 8.2.6 on Windows allows local users to gain privileges via a Trojan horse DLL in the current working directory, a different ...
5 years ago
CVE-2012-1748 - Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than ...
6 years ago
CVE-2008-1465 - SQL injection vulnerability in the Detodas Restaurante (com_restaurante) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action to index.php, a different product than ...
6 years ago
CVE-2012-0562 - Unspecified vulnerability in the PeopleSoft Enterprise HRMS component in Oracle PeopleSoft Products 9.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Candidate Gateway, a different vulnerability than ...
6 years ago
CVE-2022-34266 - The libtiff-4.0.3-35.amzn2.0.1 package for LibTIFF on Amazon Linux 2 allows attackers to cause a denial of service (application crash), a different vulnerability than CVE-2022-0562. When processing a malicious TIFF file, an invalid range may be ...
1 year ago
CVE-2000-0562 - BlackIce Defender 2.1 and earlier, and BlackIce Pro 2.0.23 and earlier, do not properly block Back Orifice traffic when the security setting is Nervous or lower. ...
15 years ago
CVE-2010-0562 - The sdump function in sdump.c in fetchmail 6.3.11, 6.3.12, and 6.3.13, when running in verbose mode on platforms for which char is signed, allows remote attackers to cause a denial of service (application crash) or possibly execute arbitrary code via ...
13 years ago
CVE-2002-0562 - The default configuration of Oracle 9i Application Server 1.0.2.x running Oracle JSP or SQLJSP stores globals.jsa under the web root, which allows remote attackers to gain sensitive information including usernames and passwords via a direct HTTP ...
7 years ago
CVE-2003-0562 - Buffer overflow in the CGI2PERL.NLM PERL handler in Novell Netware 5.1 and 6.0 allows remote attackers to cause a denial of service (ABEND) via a long input string. ...
7 years ago
CVE-2014-0562 - Cross-site scripting (XSS) vulnerability in Adobe Reader and Acrobat 10.x before 10.1.12 and 11.x before 11.0.09 on OS X allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Universal XSS (UXSS)." ...
6 years ago
CVE-2016-0562 - Unspecified vulnerability in the Oracle Common Applications component in Oracle E-Business Suite 11.5.10.2, 12.1.1, 12.1.2, and 12.1.3 allows remote authenticated users to affect integrity via vectors related to CRM User Management Framework. ...
6 years ago
CVE-2008-0562 - SQL injection vulnerability in index.php in the Restaurant (com_restaurant) 1.0 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a detail action. ...
6 years ago
CVE-1999-0562 - The registry in Windows NT can be accessed remotely by users who are not administrators. ...
6 years ago
CVE-2007-0562 - Windows Explorer (explorer.exe) 6.0.2900.2180 in Microsoft Windows XP SP2 allows user-assisted remote attackers to cause a denial of service (application crash) via a crafted .avi file, which triggers the crash when the user right clicks on the file. ...
6 years ago
CVE-2001-0562 - a1disp.cgi program in Drummond Miles A1Stats prior to 1.6 allows a remote attacker to execute commands via a specially crafted URL which includes shell metacharacters. ...
6 years ago
CVE-2015-0562 - Multiple use-after-free vulnerabilities in epan/dissectors/packet-dec-dnart.c in the DEC DNA Routing Protocol dissector in Wireshark 1.10.x before 1.10.12 and 1.12.x before 1.12.3 allow remote attackers to cause a denial of service (application ...
6 years ago
CVE-2018-0562 - Untrusted search path vulnerability in Installer of SoundEngine Free ver.5.21 and earlier allows an attacker to gain privileges via a Trojan horse DLL in an unspecified directory. ...
6 years ago
CVE-2005-0562 - GIF file validation error in MSN Messenger 6.2 allows remote attackers in a user's contact list to execute arbitrary code via a GIF image with an improper height and width. ...
5 years ago

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)