cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2013-3137,https://securityvulnerability.io/vulnerability/CVE-2013-3137,,"Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka ""XML Disclosure Vulnerability.""",Microsoft,Frontpage,,,0.010710000060498714,false,false,false,false,,false,false,2013-09-11T10:00:00.000Z,0
CVE-2008-4255,https://securityvulnerability.io/vulnerability/CVE-2008-4255,,"Heap-based buffer overflow in mscomct2.ocx (aka Windows Common ActiveX control or Microsoft Animation ActiveX control) in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, and Office Project 2003 SP3 and 2007 Gold and SP1 allows remote attackers to execute arbitrary code via an AVI file with a crafted stream length, which triggers an ""allocation error"" and memory corruption, aka ""Windows Common AVI Parsing Overflow Vulnerability.""",Microsoft,"Visual Foxpro,Visual Studio .net,Visual Basic,Project,Office Frontpage",,,0.9411900043487549,false,false,false,false,,false,false,2008-12-10T13:33:00.000Z,0
CVE-2008-4256,https://securityvulnerability.io/vulnerability/CVE-2008-4256,,"The Charts ActiveX control in Microsoft Visual Basic 6.0, Visual Studio .NET 2002 SP1 and 2003 SP1, and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the ""system state,"" aka ""Charts Control Memory Corruption Vulnerability.""",Microsoft,"Visual Foxpro,Visual Studio .net,Visual Basic,Project,Office Frontpage",,,0.6840500235557556,false,false,false,false,,false,false,2008-12-10T13:33:00.000Z,0
CVE-2008-4252,https://securityvulnerability.io/vulnerability/CVE-2008-4252,,"The DataGrid ActiveX control in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the ""system state,"" aka ""DataGrid Control Memory Corruption Vulnerability.""",Microsoft,"Visual Foxpro,Visual Studio .net,Visual Basic,Project,Office Frontpage",,,0.6039599776268005,false,false,false,false,,false,false,2008-12-10T13:33:00.000Z,0
CVE-2008-4253,https://securityvulnerability.io/vulnerability/CVE-2008-4253,,"The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allows remote attackers to execute arbitrary code via a crafted HTML document, related to corruption of the ""system state,"" aka ""FlexGrid Control Memory Corruption Vulnerability.""",Microsoft,"Visual Foxpro,Visual Studio .net,Visual Basic,Project,Office Frontpage",,,0.6840500235557556,false,false,false,false,,false,false,2008-12-10T13:33:00.000Z,0
CVE-2008-4254,https://securityvulnerability.io/vulnerability/CVE-2008-4254,,"Multiple integer overflows in the Hierarchical FlexGrid ActiveX control (mshflxgd.ocx) in Microsoft Visual Basic 6.0 and Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2 allow remote attackers to execute arbitrary code via crafted (1) Rows and (2) Cols properties to the (a) ExpandAll and (b) CollapseAll methods, related to access of incorrectly initialized objects and corruption of the ""system state,"" aka ""Hierarchical FlexGrid Control Memory Corruption Vulnerability.""",Microsoft,"Visual Foxpro,Visual Studio .net,Visual Basic,Project,Office Frontpage",,,0.9618499875068665,false,false,false,false,,false,false,2008-12-10T13:33:00.000Z,0
CVE-2008-3068,https://securityvulnerability.io/vulnerability/CVE-2008-3068,,"Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.",Microsoft,"Frontpage,Sharepoint Designer,Office Communicator,Access,Visio Professional,Outlook,Project Standard,Powerpoint,Infopath,Visio Standard,Windows Live Mail,Publisher,Onenote,Excel,Project Professional,Office,Groove",,,0.05584000051021576,false,false,false,false,,false,false,2008-07-07T23:41:00.000Z,0
CVE-2007-3109,https://securityvulnerability.io/vulnerability/CVE-2007-3109,,"The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO.",Microsoft,"Office,Frontpage",,,0.013009999878704548,false,false,false,false,,false,false,2007-06-07T21:00:00.000Z,0
CVE-2007-0671,https://securityvulnerability.io/vulnerability/CVE-2007-0671,,"Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.",Microsoft,"Frontpage,Project,Access,Outlook,Powerpoint,Office,Excel,Publisher,Word,Infopath,Excel Viewer,Visio,Onenote,Word Viewer",,,0.9559100270271301,false,false,false,false,,false,false,2007-02-03T01:00:00.000Z,0
CVE-2006-3877,https://securityvulnerability.io/vulnerability/CVE-2006-3877,,"Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified ""crafted file,"" a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.",Microsoft,"Frontpage,Project,Access,Outlook,Powerpoint,Office,Excel,Publisher,Word,Infopath,Excel Viewer,Visio,Onenote,Word Viewer",,,0.1588899940252304,false,false,false,false,,false,false,2006-10-10T22:00:00.000Z,0
CVE-2006-0015,https://securityvulnerability.io/vulnerability/CVE-2006-0015,,"Cross-site scripting (XSS) vulnerability in _vti_bin/_vti_adm/fpadmdll.dll in Microsoft FrontPage Server Extensions 2002 and SharePoint Team Services allows remote attackers to inject arbitrary web script or HTML, then leverage the attack to execute arbitrary programs or create new accounts, via the (1) operation, (2) command, and (3) name parameters.",Microsoft,"Sharepoint Team Services,Frontpage Server Extensions",,,0.12029000371694565,false,false,false,false,,false,false,2006-04-11T23:02:00.000Z,0
CVE-2005-2143,https://securityvulnerability.io/vulnerability/CVE-2005-2143,,Microsoft Front Page allows attackers to cause a denial of service (crash) via a crafted style tag in a web page.,Microsoft,Frontpage,,,0.002300000051036477,false,false,false,false,,false,false,2005-07-05T04:00:00.000Z,0
CVE-2004-2179,https://securityvulnerability.io/vulnerability/CVE-2004-2179,,"asycpict.dll, as used in Microsoft products such as Front Page 97 and 98, allows remote attackers to cause a denial of service (hang) via a JPEG image with maximum height and width values.",Microsoft,"Frontpage,Ie",,,0.013629999943077564,false,false,false,false,,false,false,2004-12-31T05:00:00.000Z,0
CVE-2004-0200,https://securityvulnerability.io/vulnerability/CVE-2004-0200,,"Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.",Microsoft,"Frontpage,Visual J\# .net,Visual C\+\+,Digital Image Pro,Visual Studio .net,Project,Visual Basic,Picture It,Powerpoint,Office,Outlook,Digital Image Suite,Infopath,Publisher,Word,Excel,Visio,Greetings,Onenote,Visual C\#,Producer,.net Framework",,,0.9617199897766113,false,false,false,false,,false,false,2004-09-28T04:00:00.000Z,0
CVE-2004-0573,https://securityvulnerability.io/vulnerability/CVE-2004-0573,,"Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.",Microsoft,"Frontpage,Publisher,Word,Office,Works",,,0.8853200078010559,false,false,false,false,,false,false,2004-09-28T04:00:00.000Z,0
CVE-2003-0824,https://securityvulnerability.io/vulnerability/CVE-2003-0824,,"Unknown vulnerability in the SmartHTML interpreter (shtml.dll) in Microsoft FrontPage Server Extensions 2000 and 2002, and Microsoft SharePoint Team Services 2002, allows remote attackers to cause a denial of service (response failure) via a certain request.",Microsoft,"Frontpage Server Extensions,Sharepoint Team Services",,,0.8379899859428406,false,false,false,false,,false,false,2003-12-15T05:00:00.000Z,0
CVE-2003-0822,https://securityvulnerability.io/vulnerability/CVE-2003-0822,,Buffer overflow in the debug functionality in fp30reg.dll of Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to execute arbitrary code via a crafted chunked encoded request.,Microsoft,"Frontpage Server Extensions,Sharepoint Team Services",,,0.9690300226211548,false,false,false,false,,false,false,2003-12-15T05:00:00.000Z,0
CVE-2002-0692,https://securityvulnerability.io/vulnerability/CVE-2002-0692,,"Buffer overflow in SmartHTML Interpreter (shtml.dll) in Microsoft FrontPage Server Extensions (FPSE) 2000 and 2002 allows remote attackers to cause a denial of service (CPU consumption) or run arbitrary code, respectively, via a certain type of web file request.",Microsoft,Frontpage Server Extensions,,,0.04021000117063522,false,false,false,false,,false,false,2002-10-10T04:00:00.000Z,0
CVE-2001-0341,https://securityvulnerability.io/vulnerability/CVE-2001-0341,,Buffer overflow in Microsoft Visual Studio RAD Support sub-component of FrontPage Server Extensions allows remote attackers to execute arbitrary commands via a long registration request (URL) to fp30reg.dll.,Microsoft,Frontpage Server Extensions,,,0.01597999967634678,false,false,false,false,,false,false,2001-07-21T04:00:00.000Z,0
CVE-1999-0681,https://securityvulnerability.io/vulnerability/CVE-1999-0681,,"Buffer overflow in Microsoft FrontPage Server Extensions (PWS) 3.0.2.926 on Windows 95, and possibly other versions, allows remote attackers to cause a denial of service via a long URL.",Microsoft,"Personal Web Server,Frontpage",,,0.1999800056219101,false,false,false,false,,false,false,2001-03-12T05:00:00.000Z,0
CVE-2000-0710,https://securityvulnerability.io/vulnerability/CVE-2000-0710,,The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to determine the physical path of the server components by requesting an invalid URL whose name includes a standard DOS device name.,Microsoft,Frontpage,,,0.823930025100708,false,false,false,false,,false,false,2000-10-20T04:00:00.000Z,0
CVE-2000-0709,https://securityvulnerability.io/vulnerability/CVE-2000-0709,,The shtml.exe component of Microsoft FrontPage 2000 Server Extensions 1.1 allows remote attackers to cause a denial of service in some components by requesting a URL whose name includes a standard DOS device name.,Microsoft,Frontpage,,,0.8611000180244446,false,false,false,false,,false,false,2000-10-20T04:00:00.000Z,0
CVE-2000-0746,https://securityvulnerability.io/vulnerability/CVE-2000-0746,,"Vulnerabilities in IIS 4.0 and 5.0 do not properly protect against cross-site scripting (CSS) attacks.  They allow a malicious web site operator to embed scripts in a link to a trusted site, which are returned without quoting in an error message back to the client.  The client then executes those scripts in the same context as the trusted site, aka the ""IIS Cross-Site Scripting"" vulnerabilities.",Microsoft,"Internet Information Services,Internet Information Server,Frontpage",,,0.0032500000670552254,false,false,false,false,,false,false,2000-10-20T04:00:00.000Z,0
CVE-2000-0419,https://securityvulnerability.io/vulnerability/CVE-2000-0419,,"The Office 2000 UA ActiveX Control is marked as ""safe for scripting,"" which allows remote attackers to conduct unauthorized activities via the ""Show Me"" function in Office Help, aka the ""Office 2000 UA Control"" vulnerability.",Microsoft,"Access,Outlook,Powerpoint,Photodraw 2000,Excel,Word,Project,Office,Works,Frontpage",,,0.02167999930679798,false,false,false,false,,false,false,2000-05-11T04:00:00.000Z,0
CVE-2000-0413,https://securityvulnerability.io/vulnerability/CVE-2000-0413,,"The shtml.exe program in the FrontPage extensions package of IIS 4.0 and 5.0 allows remote attackers to determine the physical path of HTML, HTM, ASP, and SHTML files by requesting a file that does not exist, which generates an error message that reveals the path.",Microsoft,"Internet Information Services,Internet Information Server,Frontpage",,,0.9053400158882141,false,false,false,false,,false,false,2000-05-06T04:00:00.000Z,0