Lucene search
+L
MicrosoftExcel Viewer

125 matches found

CVE
CVE
added 2016/09/14 10:0 a.m.92 views

CVE-2016-3362

CVE-2016-3362 and CVE-2016-3365 are memory‑corruption vulnerabilities in Microsoft Office components (notably Excel across multiple versions and Office/SharePoint services) that allow remote code execution via a crafted document. The root cause is memory handling flaws in Office components when p...

9.3CVSS7.6AI score0.17466EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.91 views

CVE-2009-3127

CVE-2009-3127 (Excel Cache Memory Corruption) is a remote code execution vulnerability in Microsoft Office Excel variants: Excel 2002 SP3, 2003 SP3, 2004/2008 for Mac, Open XML File Format Converter for Mac, and Excel Viewer 2003 SP3. It stems from improper parsing of the Excel file format, allow...

9.3CVSS7.3AI score0.25075EPSS
CVE
CVE
added 2015/09/09 12:0 a.m.91 views

CVE-2015-2521

CVE-2015-2521 is a memory corruption vulnerability in Microsoft Office components (Excel 2007 SP3/2010 SP2, Office Compatibility Pack, Excel Viewer) that allows remote code execution when processing specially crafted Office documents. Public sources confirm in-the-wild exploitation for this famil...

9.3CVSS7.5AI score0.2769EPSS
CVE
CVE
added 2018/10/10 1:0 p.m.91 views

CVE-2018-8427

CVE-2018-8427 is an information-disclosure vulnerability in Microsoft Graphics Components that affects Microsoft Office family products (Office, Word Viewer, PowerPoint/Excel Viewers, Office 365 ProPlus) and related Windows components (Windows Server 2008). The root cause involves improper handli...

5.5CVSS5.7AI score0.02293EPSS
CVE
CVE
added 2015/09/09 12:0 a.m.90 views

CVE-2015-2523

CVE-2015-2523 describes a memory corruption vulnerability in Microsoft Office components (notably Excel 2007 SP3, 2010 SP2, 2013 SP1/RT SP1, Mac 2011/2016, Office Compatibility Pack SP3, and Excel Viewer) that allows remote code execution when processing crafted Office documents. The root cause i...

9.3CVSS7.4AI score0.30315EPSS
CVE
CVE
added 2018/06/14 12:0 p.m.89 views

CVE-2018-8246

CVE-2018-8246 affects Microsoft Excel and related Office components. The connected advisories describe an information-disclosure vulnerability caused by the inclusion of uninitialized memory when processing parsed expressions in FORMULA records within Excel workbooks, allowing disclosure of sensi...

5.5CVSS5AI score0.17359EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.88 views

CVE-2016-7229

CVE-2016-7229 is a memory corruption vulnerability in Microsoft Office/Excel affecting multiple Office versions (including Excel 2007/2010/2013/2016 and Mac variants) that allows remote code execution via a crafted Office document. The issue stems from improper handling of objects in memory, enab...

9.3CVSS7.6AI score0.19282EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.87 views

CVE-2015-6122

CVE-2015-6122 is part of the MS15-131 memory corruption family affecting multiple Microsoft Office products. The connected Nessus plugin (MS15-131) links CVE-2015-6122 to remote code execution via crafted Office documents, with Mac OS X Office versions (MACOSX_MS15-131_OFFICE.NASL) and Office for...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2018/08/15 5:0 p.m.87 views

CVE-2018-8375

CVE-2018-8375 is a remote code execution vulnerability in Microsoft Excel family (Excel, Excel Viewer, Office) caused by improper handling of in-memory objects. The CVE affects Excel-related products and is characterized by a high-impact, possible remote code execution with local attack vector, r...

9.3CVSS7.8AI score0.16245EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.86 views

CVE-2008-4019

CVE-2008-4019 is an integer overflow in Excel’s REPT function used when parsing a formula within a cell, affecting multiple Windows and Mac Excel versions (e.g., 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1) and related viewers/compat packs. The vulnerability allows remote code execution if a ...

9.3CVSS7.5AI score0.34415EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.86 views

CVE-2015-2378

CVE-2015-2378 is an Untrusted Search Path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3. The root cause is DLL loading from the current working directory (Trojan horse DLL) that enables local privilege elevation. Documents indi...

6.9CVSS7AI score0.06135EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.86 views

CVE-2016-3363

CVE-2016-3363 affects Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer. The vulnerability is a memory-corruption flaw triggered by a crafted document, enabling remote code execution with the attacker gaining t...

9.3CVSS7.6AI score0.20203EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.85 views

CVE-2015-2375

Microsoft Excel ASLR Bypass (CVE-2015-2375) affects Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, and Excel Services on SharePoint Server 2010 SP2/2013 SP1. Root cause: crafted spreadsheet allows bypassing ASLR protection, enabling potential memory-disclosure or downst...

4.3CVSS6.4AI score0.13995EPSS
CVE
CVE
added 2016/02/10 11:0 a.m.85 views

CVE-2016-0054

CVE-2016-0054 affects multiple Microsoft Office components (notably Excel across Windows and macOS, including Office viewers/SharePoint services). The underlying issue is memory corruption triggered by processing a crafted Office document, enabling remote code execution. Public references describ...

9.3CVSS7.7AI score0.16074EPSS
CVE
CVE
added 2016/07/13 1:0 a.m.85 views

CVE-2016-3284

CVE-2016-3284 affects Microsoft Excel components across numerous products (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Excel for Mac 2011/2016; Office Compatibility Pack SP3; Excel Viewer). Root cause is memory corruption when processing crafted Office documents, enabling remote code e...

9.3CVSS7.6AI score0.19641EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.85 views

CVE-2016-3365

CVE-2016-3365 is a Microsoft Office memory corruption vulnerability affecting Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exc...

9.3CVSS7.6AI score0.19867EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.84 views

CVE-2018-1029

Microsoft Excel remote code execution vulnerability exists due to improper handling of objects in memory, affecting Microsoft Excel, Excel Viewer, and Microsoft Office. The CVE-2018-1029 entry aligns with related CVEs (1027, 1011, 0920) and cites a memory-object handling flaw as the cause. The do...

9.3CVSS7.7AI score0.20332EPSS
CVE
CVE
added 2018/09/13 12:0 a.m.84 views

CVE-2018-8429

CVE-2018-8429 is an information disclosure vulnerability in Microsoft Excel and related components (Excel Viewer, Office). The underlying issue is that Excel may disclose memory contents. Affected products include Excel 2010 SP2, 2016 (KB4092460), Office compatibility pack, and related Excel/Offi...

5.5CVSS5AI score0.12255EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.83 views

CVE-2011-0979

CVE-2011-0979 affects Microsoft Excel and related Office components (including Mac versions) where errors parsing Office Art records in Excel spreadsheets allow remote code execution via a malformed object record (stray reference). Root cause is improper error handling during parsing of Office Ar...

9.3CVSS7.5AI score0.26523EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.83 views

CVE-2012-1886

Summary: CVE-2012-1886 affects Microsoft Office Excel and related components. The vulnerability is triggered by a crafted spreadsheet that can cause memory corruption, enabling remote code execution or a denial of service. Affected products (as documented): Excel 2003 SP3; Excel 2007 SP2/SP3; Exc...

9.3CVSS7.6AI score0.21769EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.83 views

CVE-2015-6040

CVE-2015-6040 is a memory corruption vulnerability in Microsoft Office components (Excel 2007/2010, Excel for Mac 2011/2016, Office Compatibility Pack, Excel Viewer) that can be exploited remotely by a crafted Office document to execute arbitrary code. Root cause: improper handling of memory obje...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2016/12/20 5:54 a.m.83 views

CVE-2016-7264

CVE-2016-7264 affects Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac. It enables information disclosure via an out-of-bounds memory read in a crafted document; impact is memory contents exposure. No exploitation details are provid...

7.1CVSS6.7AI score0.23211EPSS
CVE
CVE
added 2008/03/11 11:0 p.m.82 views

CVE-2008-0115

CVE-2008-0115 : A remote-code-execution vulnerability in Microsoft Excel’s Formula Parsing affects Excel 2000 SP3–2007, Excel Viewer 2003, the Office Compatibility Pack, and Office for Mac 2004. The issue arises from improper handling of malformed formulas, allowing a user-assisted attacker to tr...

9.3CVSS9.7AI score0.39333EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.82 views

CVE-2008-3471

CVE-2008-3471 is a stack-based buffer overflow in Microsoft Excel’s BIFF file format parsing, triggered by a malformed record in a .xls file. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1, Excel Viewer (2003 SP3) and related Mac components, as well as the Open XM...

9.3CVSS7.8AI score0.52318EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.82 views

CVE-2009-3128

CVE-2009-3128 describes a remote code execution vulnerability in Microsoft Office Excel via a malformed SxView record in Excel files. Affects Excel 2002 SP3, Excel 2003 SP3, and Excel Viewer 2003 SP3; exploitation leads to arbitrary code execution with the attacker gaining the user’s privileges. ...

9.3CVSS7.3AI score0.24879EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.82 views

CVE-2010-3232

CVE-2010-3232 covers multiple Microsoft Office Excel-related parsing flaws: Excel record parsing vulnerabilities that allow remote code execution when opening specially crafted Excel files. The root cause is improper validation/handling of record information in the Excel file format, leading to m...

9.3CVSS7.6AI score0.21413EPSS
CVE
CVE
added 2016/01/13 2:0 a.m.82 views

CVE-2016-0035

CVE-2016-0035 affects Microsoft Office components (notably Excel across Windows and Mac variants, plus Office Compatibility Pack and Excel Viewer) and is described as a memory corruption vulnerability that allows remote code execution when processing specially crafted Office documents. The root c...

9.3CVSS7.7AI score0.22688EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.82 views

CVE-2016-7231

CVE-2016-7231 affects Microsoft Office components: Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer. Root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when processing a crafted Office document. Affected p...

9.3CVSS7.6AI score0.18664EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.81 views

CVE-2009-3132

CVE-2009-3132 is the Excel Index Parsing Vulnerability: a remote-code-execution flaw in Microsoft Office Excel where pointer corruption occurs while parsing Excel formulas/indices in affected Office Excel versions (Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, plus Mac variants and viewers). A crafted ...

9.3CVSS7.4AI score0.25883EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.81 views

CVE-2011-1272

Summary (CVE-2011-1272) : This vulnerability affects Microsoft Excel and related components (Excel 2002 SP3, 2003 SP3, 2007 SP2; Office 2004/2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack SP2) and is caused by improper validation of record struct...

9.3CVSS7.5AI score0.17592EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.80 views

CVE-2012-0185

CVE-2012-0185 is a heap-based buffer overflow affecting Microsoft Excel 2007 SP2/SP3, Excel 2010 Gold/SP1, Excel Viewer, and Office Compatibility Pack SP2/SP3 . The vulnerability arises from inefficient/incorrect memory handling during opening of crafted spreadsheets , specifically related to the...

9.3CVSS8AI score0.24628EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.80 views

CVE-2015-2558

CVE-2015-2558 is a use-after-free memory corruption vulnerability in Microsoft Office components (e.g., Excel 2007 SP3, 2010 SP2, 2013 SP1/RT SP1, 2016; Office for Mac 2011/2016; Excel Services on SharePoint Server 2007 SP3/2010 SP2/2013 SP1) that allows remote code execution via a long fileVersi...

9.3CVSS7.5AI score0.20151EPSS
CVE
CVE
added 2018/08/15 5:0 p.m.80 views

CVE-2018-8382

CVE-2018-8382 is an information-disclosure vulnerability in Microsoft Excel family. Connected advisories attribute the root cause to a missing length verification during parsing of workbook streams, enabling a remote attacker to obtain sensitive memory contents. Affected products include Microsof...

5.5CVSS5.5AI score0.12255EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.79 views

CVE-2009-3134

CVE-2009-3134 is the Excel Field Sanitization Vulnerability. It affects Microsoft Office Excel components across Windows and Mac platforms listed in the entries, including Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Office 2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SKUs, and the Offi...

9.3CVSS7.4AI score0.25777EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.79 views

CVE-2016-3381

Microsoft Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibility Pack SP3, and Excel Viewer are affected by CVE-2016-3381, a memory-corruption vulnerability in Office components that allows remote code execution via a crafted document. The CNVD entry corroborates a remote att...

9.3CVSS7.6AI score0.14969EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.75 views

CVE-2006-2388

Summary: CVE-2006-2388 is a remote code execution vulnerability in Microsoft Office Excel (2000–2004) caused by a flaw when Excel rebuilds metadata after processing malformed cell comments. An attacker must lure a user into opening a crafted .XLS file, which could allow code execution with the cu...

9.3CVSS7.2AI score0.10784EPSS
CVE
CVE
added 2007/01/09 10:0 p.m.74 views

CVE-2007-0027

CVE-2007-0027 affects Microsoft Excel versions including Excel 2000 SP3, 2002 SP3, 2003 SP2, Excel 2004 for Mac, and Excel v.X for Mac. The flaw is a remote code execution due to memory corruption when parsing malformed IMDATA records in BIFF Excel files. An attacker could exploit this by enticin...

9.3CVSS7.6AI score0.3117EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.74 views

CVE-2011-1274

Vulnerability CVE-2011-1274 affects Microsoft Excel and related Office components across multiple platforms (Excel 2002/2003/2007; Office for Mac 2004/2008; Excel Viewer; Open XML Converter for Mac; Office Compatibility Pack). The issue arises when parsing certain Excel record structures, where i...

9.3CVSS7.6AI score0.1332EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.74 views

CVE-2015-6177

CVE-2015-6177 is a remote code execution memory-corruption vulnerability in Microsoft Office components. A crafted Office document can trigger arbitrary code execution in Excel 2007 SP3, Office Compatibility Pack SP3, or Excel Viewer by abusing how Office handles objects in memory during document...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.73 views

CVE-2007-0030

CVE-2007-0030 is the Excel Malformed Column Record Vulnerability. A memory corruption flaw occurs when parsing the BIFF8 Column field, allowing a remote attacker to execute arbitrary code by convincing a user to open a crafted Excel file. Affected products include Microsoft Excel 2000 SP3, 2002 S...

9.3CVSS7.4AI score0.32093EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.73 views

CVE-2007-0031

CVE-2007-0031 affects Microsoft Excel: heap-based buffer overflow in BIFF8 PALETTE records can allow a user-assisted remote attacker to execute arbitrary code. Vulnerable products include Excel 2000 SP3, 2002 SP3, 2003 SP2, and Mac versions (2004 for Mac, v.X for Mac). The flaw is triggered by op...

9.3CVSS7.7AI score0.41694EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.73 views

CVE-2011-0978

CVE-2011-0978 is a remote code execution vulnerability in Microsoft Excel and related Office components caused by a memory corruption/stack-based overflow while parsing the Axis Properties/ SxView records (vulnerable in Excel 2002 SP3, 2003 SP3, 2007 SP2, Office for Mac 2004, Excel Viewer SP2, an...

9.3CVSS7.9AI score0.42562EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.73 views

CVE-2013-3889

This CVE (CVE-2013-3889) corresponds to a memory corruption vulnerability in Microsoft Excel and related Office components. The affected products include Excel 2007 SP3, 2010 SP1/SP2, 2013 and RT, Office 2007 SP3, 2010 SP1/SP2, 2013/RT, Office for Mac 2011, Excel Viewer, Office Compatibility Pack...

9.3CVSS7.4AI score0.21117EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.72 views

CVE-2011-1989

CVE-2011-1989 corresponds to a vulnerability in Microsoft Excel and related Office components where conditional expressions used for formatting could be parsed incorrectly. A crafted spreadsheet could lead to remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, 2010 SP1, Off...

9.3CVSS7.5AI score0.21135EPSS
CVE
CVE
added 2006/06/17 1:0 a.m.71 views

CVE-2006-3059

Technical details for CVE-2006-3059 are not provided in the supplied documents; no affected product/version/impact is specified beyond a generic note. Monitor for updates.

9.3CVSS7.3AI score0.41113EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.71 views

CVE-2007-0029

CVE-2007-0029 is the Excel Malformed String Vulnerability affecting Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and Excel 2004/Mac (and Excel v.X for Mac). The issue allows user-assisted remote attackers to achieve arbitrary code execution by parsing a malformed string in Excel files. Microsoft...

9.3CVSS7.6AI score0.30079EPSS
CVE
CVE
added 2008/03/11 11:0 p.m.70 views

CVE-2008-0111

CVE-2008-0111 : A remote code execution vulnerability in Microsoft Excel 2000 SP3 through 2007, Excel Viewer 2003, Compatibility Pack, and Office 2004 for Mac exists due to improper validation of data in BIFF8 data validation records when loading files. Exploitation requires a user to open a craf...

9.3CVSS9.7AI score0.50862EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.70 views

CVE-2008-4266

CVE-2008-4266 (Excel Global Array Memory Corruption Vulnerability) is a remote code execution flaw in Microsoft Office Excel and related components (Excel 2000 SP3, 2002 SP3, 2003 SP3; Excel Viewer 2003 Gold/SP3; Office 2004/2008 for Mac; Open XML File Format Converter for Mac). The vulnerability...

9.3CVSS7.3AI score0.27585EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.70 views

CVE-2009-3133

CVE-2009-3133 is the Excel Document Parsing Memory Corruption vulnerability affecting Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and the Open XML File Format Converter for Mac. It arises from memory corruption when loading Excel records (malformed objects), enabling remote cod...

9.3CVSS7.4AI score0.24879EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.70 views

CVE-2013-3890

Summary (CVE-2013-3890) : Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 are affected by memory corruption vulnerabilities that allow remote code execution via a crafted Office document. The issue is documented as two memory-corruption vulnerabilities enabling arbitrary...

9.3CVSS7.4AI score0.20022EPSS
Total number of security vulnerabilities125