Total
59 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-0208 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. | |||||
CVE-2008-0108 | 1 Microsoft | 2 Office, Works | 2023-12-10 | 9.3 HIGH | N/A |
Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | |||||
CVE-2008-0105 | 1 Microsoft | 2 Office, Works | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | |||||
CVE-2007-0030 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. | |||||
CVE-2007-1202 | 1 Microsoft | 3 Word, Word Viewer, Works | 2023-12-10 | 6.8 MEDIUM | N/A |
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability." | |||||
CVE-2007-0029 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." | |||||
CVE-2007-0031 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | |||||
CVE-2006-6561 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456. | |||||
CVE-2007-0027 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption. | |||||
CVE-2006-5994 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2023-12-10 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. | |||||
CVE-2004-0848 | 1 Microsoft | 6 Office, Powerpoint, Project and 3 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. | |||||
CVE-2006-3654 | 1 Microsoft | 1 Works | 2023-12-10 | 2.6 LOW | N/A |
Buffer overflow in wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted Excel files. | |||||
CVE-2006-3653 | 1 Microsoft | 1 Works | 2023-12-10 | 2.6 LOW | N/A |
wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. | |||||
CVE-2006-0009 | 1 Microsoft | 2 Office, Works | 2023-12-10 | 5.1 MEDIUM | N/A |
Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in attacks against PowerPoint. | |||||
CVE-2000-0419 | 1 Microsoft | 10 Access, Excel, Frontpage and 7 more | 2023-12-10 | 7.5 HIGH | N/A |
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability. | |||||
CVE-2003-0821 | 1 Microsoft | 2 Word, Works | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | |||||
CVE-2003-0820 | 1 Microsoft | 2 Word, Works | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack. | |||||
CVE-2003-0664 | 1 Microsoft | 2 Word, Works | 2023-12-10 | 7.5 HIGH | N/A |
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document. | |||||
CVE-2004-0573 | 1 Microsoft | 5 Frontpage, Office, Publisher and 2 more | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. |