Total
757 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-3109 | 1 Microsoft | 2 Frontpage, Office | 2018-10-16 | 6.4 MEDIUM | N/A |
The CERN Image Map Dispatcher (htimage.exe) in Microsoft FrontPage allows remote attackers to determine the existence, and possibly partial contents, of arbitrary files under the web root via a relative pathname in the PATH_INFO. | |||||
CVE-2007-2224 | 1 Microsoft | 5 Office, Visual Basic, Windows 2000 and 2 more | 2018-10-16 | 9.3 HIGH | N/A |
Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. | |||||
CVE-2007-1747 | 1 Microsoft | 1 Office | 2018-10-16 | 9.3 HIGH | N/A |
Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. | |||||
CVE-2007-1238 | 1 Microsoft | 1 Office | 2018-10-16 | 4.3 MEDIUM | N/A |
Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file. | |||||
CVE-2007-0936 | 1 Microsoft | 2 Office, Visio | 2018-10-16 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability." | |||||
CVE-2007-0215 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2018-10-16 | 7.6 HIGH | N/A |
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption. | |||||
CVE-2007-0034 | 1 Microsoft | 2 Office, Outlook | 2018-10-16 | 9.3 HIGH | N/A |
Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | |||||
CVE-2007-0029 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-16 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | |||||
CVE-2007-0030 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-16 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | |||||
CVE-2007-0033 | 1 Microsoft | 2 Office, Outlook | 2018-10-16 | 9.3 HIGH | N/A |
Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | |||||
CVE-2007-0031 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-16 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | |||||
CVE-2007-0027 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-16 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. | |||||
CVE-2007-0028 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-16 | 9.3 HIGH | N/A |
Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used. | |||||
CVE-2008-0109 | 1 Microsoft | 2 Office, Word | 2018-10-15 | 9.3 HIGH | N/A |
Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. | |||||
CVE-2008-0119 | 1 Microsoft | 1 Office | 2018-10-15 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vulnerability." | |||||
CVE-2008-0116 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-15 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." | |||||
CVE-2007-6329 | 1 Microsoft | 1 Office | 2018-10-15 | 6.4 MEDIUM | N/A |
Microsoft Office 2007 12.0.6015.5000 and MSO 12.0.6017.5000 do not sign the metadata of Office Open XML (OOXML) documents, which makes it easier for remote attackers to modify Dublin Core metadata fields, as demonstrated by the (1) LastModifiedBy and (2) creator fields in docProps/core.xml in the OOXML ZIP container. | |||||
CVE-2007-6026 | 1 Microsoft | 6 Jet, Office, Windows 2000 and 3 more | 2018-10-15 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. NOTE: this might be the same issue as CVE-2005-0944. | |||||
CVE-2016-7234 | 1 Microsoft | 7 Excel For Mac, Office, Office Compatibility Pack and 4 more | 2018-10-12 | 9.3 HIGH | 7.8 HIGH |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
CVE-2016-7235 | 1 Microsoft | 5 Excel For Mac, Office, Office Compatibility Pack and 2 more | 2018-10-12 | 9.3 HIGH | 7.8 HIGH |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." |