8 matches found
CVE-2014-1252
Double free vulnerability in Apple Pages 2.x before 2.1 and 5.x before 5.1 allows remote attackers to execute arbitrary code or cause a denial of service application crash via a crafted Microsoft Word file...
CVE-2012-2550
Microsoft Works 9 allows remote attackers to execute arbitrary code or cause a denial of service heap memory corruption via a crafted Word .doc file, aka "Works Heap Vulnerability."...
Microsoft Word Access Violation Code Execution (MS11-099; CVE-2011-1983)
A remote code execution vulnerability has been reported in Microsoft Word. The vulnerability is due to an error in the way Microsoft Word handles objects in memory. A remote attacker could exploit this vulnerability by enticing a user to open a specially crafted Word file with an affected version...
Microsoft Word Smart Tags Code Execution (MS06-027; CVE-2006-2492)
A code execution vulnerability exists in Microsoft Office Word software. The vulnerability is due to insufficient validation of certain fields related to the Smart Tags in a Word document. An attacker may exploit this vulnerability by enticing a user to open a crafted Word file, which may result ...
Microsoft Word Document Stream Handling Code Execution (MS07-024; CVE-2007-0870)
Microsoft Word is a document authoring product released by the Microsoft Corporation. Microsoft Word is available packaged with the Microsoft Office suite, as well as in form of a standalone product. Its native file format is the Word Document, normally identified by the .doc file extension. A Wo...
CVE-2009-0087
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file...
Buffer overflow
Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026...
Microsoft Word fails to properly process crafted array data
Overview Microsoft Word contains a remote code execution vulnerability that could enable an attacker to execute arbitrary code and gain complete control of the vulnerable system. Description Microsoft Word fails to properly handle malformed data within an array. When a Word file is opened, Word...