Total
757 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2006-1311 | 1 Microsoft | 5 Learning Essentials, Office, Windows 2000 and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption. | |||||
| CVE-2006-0004 | 1 Microsoft | 1 Office | 2018-10-12 | 5.0 MEDIUM | N/A |
| Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder (TIFF). | |||||
| CVE-2006-0029 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. | |||||
| CVE-2006-0033 | 1 Microsoft | 1 Office | 2018-10-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed. | |||||
| CVE-2006-0030 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 5.1 MEDIUM | N/A |
| Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. | |||||
| CVE-2004-0846 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 7.5 HIGH | N/A |
| Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | |||||
| CVE-2004-0848 | 1 Microsoft | 6 Office, Powerpoint, Project and 3 more | 2018-10-12 | 7.5 HIGH | N/A |
| Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. | |||||
| CVE-2004-0121 | 1 Microsoft | 2 Office, Outlook | 2018-10-12 | 7.5 HIGH | N/A |
| Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. | |||||
| CVE-2003-0347 | 1 Microsoft | 4 Office, Project, Visio and 1 more | 2018-10-12 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. | |||||
| CVE-2002-0618 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 7.5 HIGH | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | |||||
| CVE-2002-0152 | 1 Microsoft | 6 Entourage, Excel, Ie and 3 more | 2018-10-12 | 7.5 HIGH | N/A |
| Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh. | |||||
| CVE-2002-0617 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 5.1 MEDIUM | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass." | |||||
| CVE-2002-0619 | 1 Microsoft | 1 Office | 2018-10-12 | 7.5 HIGH | N/A |
| The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" (CVE-2000-0788). | |||||
| CVE-2002-0615 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 7.5 HIGH | N/A |
| The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation". | |||||
| CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 5.1 MEDIUM | N/A |
| The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | |||||
| CVE-2002-0021 | 1 Microsoft | 1 Office | 2018-10-12 | 5.0 MEDIUM | N/A |
| Network Product Identification (PID) Checker in Microsoft Office v. X for Mac allows remote attackers to cause a denial of service (crash) via a malformed product announcement. | |||||
| CVE-2001-0003 | 1 Microsoft | 4 Office, Windows 2000, Windows Me and 1 more | 2018-10-12 | 5.0 MEDIUM | N/A |
| Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulnerability. | |||||
| CVE-1999-0794 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 4.6 MEDIUM | N/A |
| Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | |||||
| CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2018-10-12 | 7.5 HIGH | N/A |
| The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | |||||
| CVE-2000-0088 | 1 Microsoft | 4 Office, Office Converter Pack, Powerpoint and 1 more | 2018-10-12 | 7.2 HIGH | N/A |
| Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability. | |||||