Microsoft Corporation

Short Name: Microsoft
Previous Names: [None Entered]
URL: http://www..microsoft.com/ [visit link]
Email: [None Entered]
Security URL: http://www.microsoft.com/security/ [visit link]
Security Email: securemicrosoft.com
Knowledge Base: http://support.microsoft.com/default.aspx?scid=fh;EN-US;KBHOWTO [visit link]
Notes: Contact web form: http://support.microsoft.com/common/international.aspx?rdpath=fh;en-us;cntactms Security web form: https://www.microsoft.com/technet/security/bulletin/alertus.aspx.

Vulnerabilities by Vendor Product

Microsoft Corporation

Microsoft Corporation
Forefront Client Security Watch-list
1.0
OSVDB ID: 47965 Microsoft Multiple Products GDI+ VML Gradient Size Handling Overflow
Unspecified
OSVDB ID: 93396 Microsoft Malware Protection Engine Crafted File Scan Handling Memory Corruption
Excel Viewer Watch-list
2000
OSVDB ID: 23900 Microsoft Office Excel Malformed Description Arbitrary Code Execution
OSVDB ID: 23899 Microsoft Office Excel BIFF File Processing Malformed BOOLERR Record Arbitrary Code Execution
OSVDB ID: 23901 Microsoft Office Excel Malformed Graphic Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 23903 Microsoft Office Crafted Routing Slip Arbitrary Code Execution
2002
OSVDB ID: 23900 Microsoft Office Excel Malformed Description Arbitrary Code Execution
OSVDB ID: 23899 Microsoft Office Excel BIFF File Processing Malformed BOOLERR Record Arbitrary Code Execution
OSVDB ID: 23901 Microsoft Office Excel Malformed Graphic Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 23903 Microsoft Office Crafted Routing Slip Arbitrary Code Execution
2003 SP1
OSVDB ID: 23903 Microsoft Office Crafted Routing Slip Arbitrary Code Execution
2003 SP2
OSVDB ID: 23903 Microsoft Office Crafted Routing Slip Arbitrary Code Execution
2003
OSVDB ID: 42730 Microsoft Excel BIFF File Format Rich Text Tag Malformed Tag Memory Corruption
OSVDB ID: 34395 Microsoft Excel Filter Record Handling Remote Code Execution
OSVDB ID: 31249 Microsoft Excel Malformed Record Memory Access Code Execution
OSVDB ID: 23900 Microsoft Office Excel Malformed Description Arbitrary Code Execution
OSVDB ID: 23899 Microsoft Office Excel BIFF File Processing Malformed BOOLERR Record Arbitrary Code Execution
OSVDB ID: 34393 Microsoft Excel BIFF Record Named Graph Record Parsing Overflow
OSVDB ID: 34394 Microsoft Office Excel Set Font Handling Remote Code Execution
OSVDB ID: 29430 Microsoft Office Malformed Smart Tag Arbitrary Code Execution
OSVDB ID: 23901 Microsoft Office Excel Malformed Graphic Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 23902 Microsoft Office Excel Malformed Record Arbitrary Code Execution
OSVDB ID: 42732 Microsoft Excel Macro Validation Unspecified Code Execution
OSVDB ID: 29428 Microsoft Office Malformed Chart Record Unspecified Arbitrary Code Execution
2003 Gold
OSVDB ID: 50557 Microsoft Excel NAME Record Global Array Parsing Memory Corruption
OSVDB ID: 50555 Microsoft Excel Malformed Formula Parsing Memory Corruption
2003 SP3
OSVDB ID: 50557 Microsoft Excel NAME Record Global Array Parsing Memory Corruption
OSVDB ID: 50555 Microsoft Excel Malformed Formula Parsing Memory Corruption
OSVDB ID: 54957 Microsoft Office Excel File SST Record Handling String Parsing Overflow
SP2
OSVDB ID: 68573 Microsoft Office Excel File Unspecified Record Parsing Remote Integer Overflow
OSVDB ID: 68572 Microsoft Office Excel Formula Record Parsing Memory Corruption (2010-3231)
OSVDB ID: 68571 Microsoft Office Excel File Format Parsing Remote Code Execution
OSVDB ID: 68569 Microsoft Office Excel Formula Substream Record Parsing Memory Corruption
OSVDB ID: 68568 Microsoft Office Excel Formula Biff Record Parsing Remote Code Execution
OSVDB ID: 68567 Microsoft Office Excel Out Of Bounds Array Handling Remote Code Execution
OSVDB ID: 68566 Microsoft Office Excel Merge Cell Record Pointer Handling Remote Code Execution
OSVDB ID: 68565 Microsoft Office Excel Negative Future Function Parsing Remote Code Execution
OSVDB ID: 68563 Microsoft Office Excel RealTimeData Record Array Parsing Remote Code Execution
OSVDB ID: 68562 Microsoft Office Excel Out-of-Bounds Memory Write in Parsing Memory Corruption
OSVDB ID: 68564 Microsoft Office Excel PtgExtraArray Structure Parsing Remote Code Execution
OSVDB ID: 68561 Microsoft Office Excel Ghost Record Type Parsing Remote Code Execution
OSVDB ID: 68570 Microsoft Office Excel Lotus 1-2-3 Workbook Parsing Remote Overflow
SP1
OSVDB ID: 65233 Microsoft Office Excel Unspecified Memory Corruption (2010-0823)
OSVDB ID: 65227 Microsoft Office Excel SXVIEW Record Parsing Memory Corruption
SP2
OSVDB ID: 65233 Microsoft Office Excel Unspecified Memory Corruption (2010-0823)
OSVDB ID: 65227 Microsoft Office Excel SXVIEW Record Parsing Memory Corruption
OSVDB ID: 71758 Microsoft Office Excel Substream Parsing Integer Underflow
OSVDB ID: 71759 Microsoft Office Excel External Record Parsing Signedness Overflow
OSVDB ID: 70811 Microsoft Office Excel Axis Properties Record Parsing Overflow
OSVDB ID: 70904 Microsoft Office Excel OfficeArt Container Parsing Memory Corruption
Unspecified
OSVDB ID: 81728 Microsoft Office Excel Excel File Handling Memory Corruption
OSVDB ID: 81727 Microsoft Office Excel OBJECTLINK Record Excel File Handling Memory Corruption
OSVDB ID: 81725 Microsoft Office Excel SLXI Record Excel File Handling Memory Corruption
OSVDB ID: 81723 Microsoft Office Excel MergeCells Record Excel File Handling Overflow
OSVDB ID: 81724 Microsoft Office Excel Type Mismatch Series Record Excel File Handling Memory Corruption
Unspecified
Unspecified
Unspecified
Unspecified
SP2
OSVDB ID: 72924 Microsoft Office Excel File Handling Unspecified Buffer Overflow
2007
OSVDB ID: 86623 Microsoft Office Excel / Excel Viewer (Xlview.exe) XLS File Handling Arbitrary Code Execution
OSVDB ID: 54957 Microsoft Office Excel File SST Record Handling String Parsing Overflow
Unspecified
OSVDB ID: 87271 Microsoft Office Excel XLS File Handling Memory Corruption
OSVDB ID: 87273 Microsoft Office Excel XLS File Handling Overflow
Unspecified
Expression Design Watch-list
2
OSVDB ID: 80001 Microsoft Expression Design Path Subversion Arbitrary DLL Injection Code Execution
3
OSVDB ID: 80001 Microsoft Expression Design Path Subversion Arbitrary DLL Injection Code Execution
4
OSVDB ID: 80001 Microsoft Expression Design Path Subversion Arbitrary DLL Injection Code Execution
SP1
OSVDB ID: 80001 Microsoft Expression Design Path Subversion Arbitrary DLL Injection Code Execution
FAST Search Server Watch-list
SP1
2010 for SharePoint SP1
OSVDB ID: 86392 Oracle Outside In Technology Outside In HTML Export SDK Subcomponent Unspecified Remote DoS
OSVDB ID: 86389 Oracle Outside In Technology JPG graphic import filter (ibjpg2.flt) Progressive DCT-Based Image Component Count Handling DoS
Exchange Server MAPI Client and Collaboration Data Objects Watch-list
1.2.1
OSVDB ID: 51837 Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNEF) Decoding Remote Code Execution
OSVDB ID: 51838 Microsoft Exchange Server EMSMDB2 Invalid MAPI Command Remote DoS
Exchange Watch-list
2000
OSVDB ID: 2283 Microsoft Exchange OWA Execute Arbitrary Code
OSVDB ID: 3195 Microsoft Exchange OWA REFERER Header XSS
OSVDB ID: 2042 Microsoft Exchange System Attendant WinReg Remote Registry Key Manipulation
5.5
OSVDB ID: 2283 Microsoft Exchange OWA Execute Arbitrary Code
OSVDB ID: 2679 Microsoft Outlook Web Access XSS
OSVDB ID: 3195 Microsoft Exchange OWA REFERER Header XSS
2000 SP3
OSVDB ID: 2674 Microsoft Exchange SMTP Extended Request Overflow
5.5 SP1
OSVDB ID: 2679 Microsoft Outlook Web Access XSS
5.5 SP2
OSVDB ID: 2679 Microsoft Outlook Web Access XSS
5.5 SP3
OSVDB ID: 2679 Microsoft Outlook Web Access XSS
5.5 SP4
OSVDB ID: 2679 Microsoft Outlook Web Access XSS
2003
OSVDB ID: 3490 Microsoft Exchange 2003 OWA Mailbox Access Information Disclosure
5.0
OSVDB ID: 2674 Microsoft Exchange SMTP Extended Request Overflow
Exchange Server Watch-list
5.5 SP4
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 8407 Microsoft Exchange HTML Redirection Script Insertion
OSVDB ID: 17307 Microsoft Exchange Outlook Web Access HTML Email XSS
OSVDB ID: 2674 Microsoft Exchange SMTP Extended Request Overflow
2000
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 1856 Microsoft Exchange OWA Embedded Script Execution
OSVDB ID: 1957 Microsoft Exchange OWA Malformed Request DoS
OSVDB ID: 863 Microsoft Exchange Malformed Mail Attribute DoS
OSVDB ID: 1650 Microsoft Exchange Server EUSR_EXSTOREEVENT Default Account
OSVDB ID: 15215 Microsoft Windows SMTP E-mail Malformed Time Stamp DoS
OSVDB ID: 15467 Microsoft Exchange Server SMTP Extended Verb X-LINK2STATE Remote Overflow
2000 SP1
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
2000 SP2
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
5.5
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 1856 Microsoft Exchange OWA Embedded Script Execution
OSVDB ID: 457 Microsoft Exchange Malformed MIME Header DoS
OSVDB ID: 1031 Microsoft Exchange Server Encapsulated SMTP Address Open Relay
OSVDB ID: 8211 Microsoft Exchange Server Malformed SMTP Command DoS
OSVDB ID: 10246 Microsoft Exchange Server Malformed NNTP AUTHINFO DoS
OSVDB ID: 601 Microsoft Exchange Server LDAP Bind Function Overflow
OSVDB ID: 5557 Microsoft Outlook Web Access With IE Embedded Script Execution
OSVDB ID: 852 Microsoft Exchange EHLO Long Hostname Overflow
OSVDB ID: 5390 Microsoft Exchange NTLM Null Session Mail Relay
OSVDB ID: 10160 Multiple RPC Servers Malformed Input Remote DoS
5.5 SP1
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 10160 Multiple RPC Servers Malformed Input Remote DoS
5.5 SP2
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 10160 Multiple RPC Servers Malformed Input Remote DoS
5.5 SP3
OSVDB ID: 4932 Microsoft Outlook Web Access SecurID Authentication Bypass
OSVDB ID: 10160 Multiple RPC Servers Malformed Input Remote DoS
4.0
OSVDB ID: 6031 Microsoft Exchange Multiple SMTP Command DoS
OSVDB ID: 5855 Microsoft Exchange MTA HELO Command Remote Overflow
OSVDB ID: 58016 Ipswitch MTA HELO Command Remote Overflow
5.0
OSVDB ID: 6031 Microsoft Exchange Multiple SMTP Command DoS
OSVDB ID: 457 Microsoft Exchange Malformed MIME Header DoS
OSVDB ID: 8211 Microsoft Exchange Server Malformed SMTP Command DoS
OSVDB ID: 10246 Microsoft Exchange Server Malformed NNTP AUTHINFO DoS
OSVDB ID: 5855 Microsoft Exchange MTA HELO Command Remote Overflow
OSVDB ID: 58016 Ipswitch MTA HELO Command Remote Overflow
OSVDB ID: 10160 Multiple RPC Servers Malformed Input Remote DoS
5.0 SP1
OSVDB ID: 6031 Microsoft Exchange Multiple SMTP Command DoS
OSVDB ID: 5855 Microsoft Exchange MTA HELO Command Remote Overflow
OSVDB ID: 58016 Ipswitch MTA HELO Command Remote Overflow
2003
OSVDB ID: 10696 Microsoft Windows/Exchange SMTP DNS Lookup Overflow
OSVDB ID: 10697 Microsoft Windows/Exchange NNTP Component Remote Overflow
OSVDB ID: 13621 Microsoft Outlook Web Access (OWA) owalogon.asp Redirection Account Enumeration
OSVDB ID: 15467 Microsoft Exchange Server SMTP Extended Verb X-LINK2STATE Remote Overflow
2003 SP1
OSVDB ID: 34389 Microsoft Exchange Outlook Web Access (OWA) Attachment Script Injection
OSVDB ID: 10696 Microsoft Windows/Exchange SMTP DNS Lookup Overflow
OSVDB ID: 10697 Microsoft Windows/Exchange NNTP Component Remote Overflow
OSVDB ID: 34390 Microsoft Exchange Server MODPROPS Malformed iCal DoS
OSVDB ID: 34391 Microsoft Exchange Server MIME Decoding Remote Code Execution
OSVDB ID: 26441 Microsoft Exchange Server Outlook Web Access HTML Parsing Unspecified XSS
OSVDB ID: 25338 Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution
2000 SP3
OSVDB ID: 34392 Microsoft Exchange Server IMAP Literal Processing DoS
OSVDB ID: 34389 Microsoft Exchange Outlook Web Access (OWA) Attachment Script Injection
OSVDB ID: 10697 Microsoft Windows/Exchange NNTP Component Remote Overflow
OSVDB ID: 51837 Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNEF) Decoding Remote Code Execution
OSVDB ID: 51838 Microsoft Exchange Server EMSMDB2 Invalid MAPI Command Remote DoS
OSVDB ID: 34390 Microsoft Exchange Server MODPROPS Malformed iCal DoS
OSVDB ID: 34391 Microsoft Exchange Server MIME Decoding Remote Code Execution
OSVDB ID: 26441 Microsoft Exchange Server Outlook Web Access HTML Parsing Unspecified XSS
OSVDB ID: 19905 Microsoft Collaboration Data Objects Remote Overflow
2003 SP2
OSVDB ID: 49230 Microsoft Outlook Web Access (OWA) exchweb/bin/redir.asp URL Variable Arbitrary Site Redirect
OSVDB ID: 46779 Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS
OSVDB ID: 34389 Microsoft Exchange Outlook Web Access (OWA) Attachment Script Injection
OSVDB ID: 51837 Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNEF) Decoding Remote Code Execution
OSVDB ID: 51838 Microsoft Exchange Server EMSMDB2 Invalid MAPI Command Remote DoS
OSVDB ID: 34390 Microsoft Exchange Server MODPROPS Malformed iCal DoS
OSVDB ID: 34391 Microsoft Exchange Server MIME Decoding Remote Code Execution
OSVDB ID: 26441 Microsoft Exchange Server Outlook Web Access HTML Parsing Unspecified XSS
OSVDB ID: 25338 Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution
2007
OSVDB ID: 46779 Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS
OSVDB ID: 34390 Microsoft Exchange Server MODPROPS Malformed iCal DoS
OSVDB ID: 34391 Microsoft Exchange Server MIME Decoding Remote Code Execution
2000 Post-Service Pack 3 Update Rollup of August 2004
OSVDB ID: 25338 Microsoft Exchange Collaboration Data Objects Crafted Email Code Execution
2007 SP1
OSVDB ID: 46779 Microsoft Outlook Web Access (OWA) Data Validation Unspecified XSS
OSVDB ID: 51837 Microsoft Exchange Server Message Transport Neutral Encapsulation Format (TNEF) Decoding Remote Code Execution
4.0
5.0
5.0 SP1
4.0
5.0
5.0 SP1
2007 SP2 for x64-based Systems
OSVDB ID: 69810 Microsoft Exchange Server store.exe Malformed MAPI Request Infinite Loop Remote DoS
2003 SP2
2007 SP1
2007 SP2
2003 SP2
OSVDB ID: 67119 Microsoft Outlook Web Access (OWA) Multiple Function CSRF
2007 SP1
OSVDB ID: 67119 Microsoft Outlook Web Access (OWA) Multiple Function CSRF
2007 SP2
OSVDB ID: 67119 Microsoft Outlook Web Access (OWA) Multiple Function CSRF
5.0 SP2
OSVDB ID: 22305 Microsoft Outlook/Exchange TNEF Decoding Arbitrary Code Execution
5.5 SP4
OSVDB ID: 22305 Microsoft Outlook/Exchange TNEF Decoding Arbitrary Code Execution
2007 SP3
OSVDB ID: 89194 Oracle Outside In Technology Paradox Database Stream Filter (vspdx.dll) Field Name number of fields Table Header Value Handling Remote Heap-Based Buffer Overflow
OSVDB ID: 88314 Microsoft Exchange Server RSS Feed Handling Unspecified Remote DoS
OSVDB ID: 89193 Oracle Outside In Technology Paradox Database Stream Filter (vspdx.dll) Field Type Parsing Unallocated Memory Reference Remote DoS
2010 SP2
OSVDB ID: 89194 Oracle Outside In Technology Paradox Database Stream Filter (vspdx.dll) Field Name number of fields Table Header Value Handling Remote Heap-Based Buffer Overflow
OSVDB ID: 88314 Microsoft Exchange Server RSS Feed Handling Unspecified Remote DoS
OSVDB ID: 89193 Oracle Outside In Technology Paradox Database Stream Filter (vspdx.dll) Field Type Parsing Unallocated Memory Reference Remote DoS
2010 SP1
OSVDB ID: 88314 Microsoft Exchange Server RSS Feed Handling Unspecified Remote DoS
Exchange Server 2007 Watch-list
Service Pack 3
Expression Web Watch-list
Service Pack 1
OSVDB ID: 88959 Microsoft XML Core Services Integer Truncation XML Handling Memory Corruption
OSVDB ID: 88958 Microsoft XML Core Services Unspecified XSLT Handling Memory Corruption
2
OSVDB ID: 88959 Microsoft XML Core Services Integer Truncation XML Handling Memory Corruption
OSVDB ID: 88958 Microsoft XML Core Services Unspecified XSLT Handling Memory Corruption
Service Pack 1
2
Exchange Server 2010 Watch-list
Service Pack 1
Service Pack 2

The database information may change without any notice. Use of the information constitutes acceptance for use in an AS IS condition, and there are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. In no event shall the copyright holder or distributor (OSVDB or OSF) be held liable for any damages whatsoever arising out of or in connection with the use or spread of this information.

© Copyright 2002 - 2013 Open Source Vulnerability Database (OSVDB), All Rights Reserved.
Privacy Statement - Terms of Use