CVE-2025-65482

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

GHSA-7JC7-G598-2P64 XDocReport affected by an XML External Entity (XXE) vulnerability

An XML External Entity XXE vulnerability in opensagres XDocReport v0.9.2 to v2.0.3 allows attackers to execute arbitrary code via uploading a crafted .docx file...

Hancom Office Resource Management Error Vulnerability

Hancom Office is a mobile office program from the Korean company Hancom. The program supports viewing and editing documents in multiple formats. A resource management error vulnerability exists in Hancom Office version 2020 HWord 11.0.0.7520, which stems from a security issue in the footer...

SUSE CVE-2010-3453

The WW8ListManager::WW8ListManager function in oowriter in OpenOffice.org OOo 2.x and 3.x before 3.3 does not properly handle an unspecified number of list levels in user-defined list styles in WW8 data in a Microsoft Word document, which allows remote attackers to cause a denial of service...

Ascensio System ONLYOFFICE Document Server Input Validation Error Vulnerability

Ascensio System ONLYOFFICE Document Server is an online office collaboration suite from Ascensio System, Latvia. The product supports viewing and editing of text, spreadsheets and presentations, among others. An input validation error vulnerability exists in Ascensio System ONLYOFFICE Document...

Buffer overflow

Buffer overflow in OfficeImport in Apple iOS before 5 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Word document...

CVE-2010-3216

Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."...

Memory corruption

Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability."...

CVE-2010-3219

Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability."...

Microsoft Word Array Data Handling Buffer Overflow (MS07-024; CVE-2007-0035)

A buffer overflow vulnerability exists in the way Microsoft Word processes word documents. The vulnerability is the result of an infinite loop. A remote attacker can exploit this vulnerability by enticing the target user to open a crafted Word document, potentially causing arbitrary code to be...

Design/Logic Flaw

filter/ww8/ww8par2.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted sprmTSetBrc table property modifier in a Word document, related to a "boundary error flaw."...

OpenOffice.org Word sprmTDefTable Memory Corruption

Integer underflow in filter/ww8/ww8par2.cxx in OpenOffice.org OOo before 3.2 allows remote attackers to cause a denial of service application crash or possibly execute arbitrary code via a crafted sprmTDefTable table property modifier in a Word document...

Memory corruption

Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to...