Lucene search
K

58 matches found

CVE
CVE
added 2012/05/09 12:0 a.m.196 views

CVE-2012-1847

CVE-2012-1847 affects Microsoft Office Excel and related components (Excel 2003 SP3; Excel 2007 SP2/SP3; Excel 2010 SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability stems from memory handling when opening specially crafted spreadsheets, enabling r...

9.3CVSS7.9AI score0.25099EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.171 views

CVE-2012-0142

CVE-2012-0142 involves a memory corruption vulnerability in Microsoft Excel/file format handling (OBJECTLINK record) that can be triggered by opening a crafted spreadsheet, leading to remote code execution. Affected products include Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008, Exc...

9.3CVSS7.4AI score0.21596EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.162 views

CVE-2012-0184

CVE-2012-0184 affects Microsoft Excel and related Office components: Excel 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3. The issue is a memory handling error when opening a crafted spreadsheet, enabling remote code execution. Thi...

9.3CVSS7.5AI score0.24221EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.158 views

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

9.3CVSS7.4AI score0.18609EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.157 views

CVE-2013-1315

CVE-2013-1315 is a remote code execution/memory corruption vulnerability affecting Microsoft Office components. The public records identify affected products as Microsoft SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013; Office Web Apps 2010; Excel 2003 SP3/2007 SP3/2010 SP1/SP2/2013/2013 RT; Offic...

9.3CVSS7.6AI score0.28702EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.154 views

CVE-2012-2543

CVE-2012-2543 is a stack-based buffer overflow in Microsoft Excel components (Windows: Excel 2007 SP2/SP3, Excel 2010 SP1; Mac: Office 2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability arises while handling crafted spreadsheets, enabling remote code execution. Connected so...

9.3CVSS7.9AI score0.26204EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.147 views

CVE-2009-3130

CVE-2009-3130 corresponds to the Excel Document Parsing Heap Overflow vulnerability. Affected software includes Microsoft Office Excel 2002 SP3, Excel 2003 and newer on Windows via BIFF parsing, and Office for Mac variants plus the Open XML File Format Converter for Mac. The root cause is imprope...

9.3CVSS7.7AI score0.28934EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.143 views

CVE-2012-0141

CVE-2012-0141 affects Microsoft Excel and related Office components across Windows and Mac platforms (Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1/Gold, Office 2011 for Mac, Excel Viewer, Office Compatibility Pack). The root cause is memory corruption during parsing/opening specially crafted Excel/RTF ...

9.3CVSS7.5AI score0.21769EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.138 views

CVE-2011-1273

Microsoft Excel (Windows: 2002/2003/2007/2010; Mac: 2004/2008/2011; Open XML Converter for Mac; Excel Viewer; Office Compatibility Pack) is affected by CVE-2011-1273 due to improper validation/parsing of Excel records. Multiple advisories attribute the issue to parsing errors (record-type handlin...

9.3CVSS7.6AI score0.16968EPSS
CVE
CVE
added 2016/04/12 11:0 p.m.115 views

CVE-2016-0122

CVE-2016-0122 affects Microsoft Office Excel across multiple versions (2007 SP3, 2010 SP2, 2013 SP1/RT SP1, 2016) and Office components; the vulnerability is a memory corruption/out-of-bounds read in Excel that enables remote code execution when a specially crafted Office document is opened. An e...

9.3CVSS7.8AI score0.41126EPSS
CVE
CVE
added 2018/01/10 1:0 a.m.110 views

CVE-2018-0796

CVE-2018-0796 is a remote code execution vulnerability affecting Microsoft Excel in Office 2007–2016 due to how in-memory objects are handled. The core issue enables an attacker to run arbitrary code when a crafted file is opened, with a CVSS v3 base score of 8.8 (HIGH) and NETWORK attack vector,...

9.3CVSS8.8AI score0.23257EPSS
CVE
CVE
added 2017/03/17 12:0 a.m.109 views

CVE-2017-0006

Technical details (affected products, root cause, and remediation) are not provided in the connected documents beyond the initial CVE summary; monitor for updates.

9.3CVSS6.7AI score0.16607EPSS
CVE
CVE
added 2015/09/09 12:0 a.m.108 views

CVE-2015-2520

CVE-2015-2520 affects Microsoft Office components including Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011/2016, Office Compatibility Pack SP3, and Excel Viewer. The root cause is a memory corruption due to improper handling of objects in memory, leading to remote code execution when a crafte...

9.3CVSS7.5AI score0.2769EPSS
CVE
CVE
added 2017/03/17 12:0 a.m.107 views

CVE-2017-0052

The CVE affects Microsoft Office components: Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3. It is a memory corruption vulnerability exploitable via a crafted document, potentially allowing remote code execution or denial of service. ...

9.3CVSS6.7AI score0.16607EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.106 views

CVE-2016-3358

CVE-2016-3358 affects Microsoft Office and Excel components across Windows and Mac platforms (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Office Online Server; Office Viewer; SharePoint Excel Services). The vulnerability is described as a memory corruption in Office applications that a...

9.3CVSS7.7AI score0.18434EPSS
CVE
CVE
added 2015/03/11 10:0 a.m.98 views

CVE-2015-0085

CVE-2015-0085 is a use-after-free vulnerability in Microsoft Office components (including Office 2007/2010/2013 suites and related SharePoint/Viewer components) that enables remote code execution via a crafted Office document. The issue affects a broad set of Office applications and SharePoint-re...

9.3CVSS7.4AI score0.18825EPSS
CVE
CVE
added 2016/12/20 5:54 a.m.98 views

CVE-2016-7265

CVE-2016-7265 affects Microsoft Office components (notably Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3/2010 SP2). The vulnerability is described as an information disclosure via an out-of-boun...

7.1CVSS6.7AI score0.22571EPSS
CVE
CVE
added 2015/11/11 11:0 a.m.97 views

CVE-2015-6038

CVE-2015-6038 affects Microsoft Office products including Excel 2007/2010/2013/2016 (Windows and Mac) and related components, as well as Excel Services on SharePoint Server and Office viewers. The vulnerability stems from memory corruption triggered by specially crafted Office documents, enabling...

9.3CVSS7.5AI score0.35638EPSS
CVE
CVE
added 2009/02/25 4:0 p.m.96 views

CVE-2009-0238

CVE-2009-0238 corresponds to a remote code execution vulnerability in Microsoft Office Excel and related components (Excel Viewer, Compatibility Pack, and Mac variants) triggered by opening a crafted Excel document that causes an invalid object access. The issue manifests as memory/code execution...

9.3CVSS7.4AI score0.43063EPSS
In wild
CVE
CVE
added 2016/12/20 5:54 a.m.96 views

CVE-2016-7266

CVE-2016-7266 affects multiple Microsoft Office/Excel variants (Windows: Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; macOS: Excel 2016) and the Office Compatibility Pack, Excel Viewer, and Excel for Mac. The root cause is mishandling of a registry check when running embedded content, d...

7.8CVSS7.9AI score0.22155EPSS
CVE
CVE
added 2016/04/12 11:0 p.m.93 views

CVE-2016-0139

CVE-2016-0139 is a memory corruption vulnerability in Microsoft Office products (Excel 2010 SP2, Word for Mac 2011, Excel Viewer) that enables remote code execution when a crafted Office document is opened. Multiple connected sources confirm it stems from improper handling of objects in memory, a...

9.3CVSS7.8AI score0.1629EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.93 views

CVE-2016-3359

CVE-2016-3359 affects Microsoft Office components (Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Viewer). The issue is a memory corruption vulnerability in Office that allows remote code execution via a crafted document. The CVE entry’s linked sources (NVD/NVD-variant and r...

9.3CVSS7.6AI score0.17466EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.90 views

CVE-2009-3127

CVE-2009-3127 (Excel Cache Memory Corruption) is a remote code execution vulnerability in Microsoft Office Excel variants: Excel 2002 SP3, 2003 SP3, 2004/2008 for Mac, Open XML File Format Converter for Mac, and Excel Viewer 2003 SP3. It stems from improper parsing of the Excel file format, allow...

9.3CVSS7.3AI score0.25075EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.88 views

CVE-2016-3362

CVE-2016-3362 and CVE-2016-3365 are memory‑corruption vulnerabilities in Microsoft Office components (notably Excel across multiple versions and Office/SharePoint services) that allow remote code execution via a crafted document. The root cause is memory handling flaws in Office components when p...

9.3CVSS7.6AI score0.17466EPSS
CVE
CVE
added 2015/09/09 12:0 a.m.87 views

CVE-2015-2523

CVE-2015-2523 describes a memory corruption vulnerability in Microsoft Office components (notably Excel 2007 SP3, 2010 SP2, 2013 SP1/RT SP1, Mac 2011/2016, Office Compatibility Pack SP3, and Excel Viewer) that allows remote code execution when processing crafted Office documents. The root cause i...

9.3CVSS7.4AI score0.30315EPSS
CVE
CVE
added 2015/09/09 12:0 a.m.86 views

CVE-2015-2521

CVE-2015-2521 is a memory corruption vulnerability in Microsoft Office components (Excel 2007 SP3/2010 SP2, Office Compatibility Pack, Excel Viewer) that allows remote code execution when processing specially crafted Office documents. Public sources confirm in-the-wild exploitation for this famil...

9.3CVSS7.5AI score0.2769EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.85 views

CVE-2015-6122

CVE-2015-6122 is part of the MS15-131 memory corruption family affecting multiple Microsoft Office products. The connected Nessus plugin (MS15-131) links CVE-2015-6122 to remote code execution via crafted Office documents, with Mac OS X Office versions (MACOSX_MS15-131_OFFICE.NASL) and Office for...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.85 views

CVE-2016-7229

CVE-2016-7229 is a memory corruption vulnerability in Microsoft Office/Excel affecting multiple Office versions (including Excel 2007/2010/2013/2016 and Mac variants) that allows remote code execution via a crafted Office document. The issue stems from improper handling of objects in memory, enab...

9.3CVSS7.6AI score0.19282EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.82 views

CVE-2009-3128

CVE-2009-3128 describes a remote code execution vulnerability in Microsoft Office Excel via a malformed SxView record in Excel files. Affects Excel 2002 SP3, Excel 2003 SP3, and Excel Viewer 2003 SP3; exploitation leads to arbitrary code execution with the attacker gaining the user’s privileges. ...

9.3CVSS7.3AI score0.24879EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.82 views

CVE-2012-1886

Summary: CVE-2012-1886 affects Microsoft Office Excel and related components. The vulnerability is triggered by a crafted spreadsheet that can cause memory corruption, enabling remote code execution or a denial of service. Affected products (as documented): Excel 2003 SP3; Excel 2007 SP2/SP3; Exc...

9.3CVSS7.6AI score0.21769EPSS
CVE
CVE
added 2016/07/13 1:0 a.m.82 views

CVE-2016-3284

CVE-2016-3284 affects Microsoft Excel components across numerous products (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Excel for Mac 2011/2016; Office Compatibility Pack SP3; Excel Viewer). Root cause is memory corruption when processing crafted Office documents, enabling remote code e...

9.3CVSS7.6AI score0.19641EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.81 views

CVE-2009-3132

CVE-2009-3132 is the Excel Index Parsing Vulnerability: a remote-code-execution flaw in Microsoft Office Excel where pointer corruption occurs while parsing Excel formulas/indices in affected Office Excel versions (Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, plus Mac variants and viewers). A crafted ...

9.3CVSS7.4AI score0.25883EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.81 views

CVE-2010-3232

CVE-2010-3232 covers multiple Microsoft Office Excel-related parsing flaws: Excel record parsing vulnerabilities that allow remote code execution when opening specially crafted Excel files. The root cause is improper validation/handling of record information in the Excel file format, leading to m...

9.3CVSS7.6AI score0.21413EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.81 views

CVE-2015-6040

CVE-2015-6040 is a memory corruption vulnerability in Microsoft Office components (Excel 2007/2010, Excel for Mac 2011/2016, Office Compatibility Pack, Excel Viewer) that can be exploited remotely by a crafted Office document to execute arbitrary code. Root cause: improper handling of memory obje...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2016/02/10 11:0 a.m.81 views

CVE-2016-0054

CVE-2016-0054 affects multiple Microsoft Office components (notably Excel across Windows and macOS, including Office viewers/SharePoint services). The underlying issue is memory corruption triggered by processing a crafted Office document, enabling remote code execution. Public references describ...

9.3CVSS7.7AI score0.16074EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.81 views

CVE-2016-3365

CVE-2016-3365 is a Microsoft Office memory corruption vulnerability affecting Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Exc...

9.3CVSS7.6AI score0.19867EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.80 views

CVE-2016-3363

CVE-2016-3363 affects Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer. The vulnerability is a memory-corruption flaw triggered by a crafted document, enabling remote code execution with the attacker gaining t...

9.3CVSS7.6AI score0.20203EPSS
CVE
CVE
added 2015/10/14 1:0 a.m.79 views

CVE-2015-2558

CVE-2015-2558 is a use-after-free memory corruption vulnerability in Microsoft Office components (e.g., Excel 2007 SP3, 2010 SP2, 2013 SP1/RT SP1, 2016; Office for Mac 2011/2016; Excel Services on SharePoint Server 2007 SP3/2010 SP2/2013 SP1) that allows remote code execution via a long fileVersi...

9.3CVSS7.5AI score0.23007EPSS
CVE
CVE
added 2016/12/20 5:54 a.m.79 views

CVE-2016-7264

CVE-2016-7264 affects Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac. It enables information disclosure via an out-of-bounds memory read in a crafted document; impact is memory contents exposure. No exploitation details are provid...

7.1CVSS6.7AI score0.23211EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.78 views

CVE-2009-3134

CVE-2009-3134 is the Excel Field Sanitization Vulnerability. It affects Microsoft Office Excel components across Windows and Mac platforms listed in the entries, including Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Office 2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SKUs, and the Offi...

9.3CVSS7.4AI score0.25777EPSS
CVE
CVE
added 2016/01/13 2:0 a.m.78 views

CVE-2016-0035

CVE-2016-0035 affects Microsoft Office components (notably Excel across Windows and Mac variants, plus Office Compatibility Pack and Excel Viewer) and is described as a memory corruption vulnerability that allows remote code execution when processing specially crafted Office documents. The root c...

9.3CVSS7.7AI score0.22688EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.77 views

CVE-2012-0185

CVE-2012-0185 is a heap-based buffer overflow affecting Microsoft Excel 2007 SP2/SP3, Excel 2010 Gold/SP1, Excel Viewer, and Office Compatibility Pack SP2/SP3 . The vulnerability arises from inefficient/incorrect memory handling during opening of crafted spreadsheets , specifically related to the...

9.3CVSS8AI score0.24628EPSS
CVE
CVE
added 2016/11/10 6:16 a.m.77 views

CVE-2016-7231

CVE-2016-7231 affects Microsoft Office components: Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer. Root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when processing a crafted Office document. Affected p...

9.3CVSS7.6AI score0.18664EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.76 views

CVE-2011-1272

Summary (CVE-2011-1272) : This vulnerability affects Microsoft Excel and related components (Excel 2002 SP3, 2003 SP3, 2007 SP2; Office 2004/2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack SP2) and is caused by improper validation of record struct...

9.3CVSS7.5AI score0.17592EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.74 views

CVE-2011-1274

Vulnerability CVE-2011-1274 affects Microsoft Excel and related Office components across multiple platforms (Excel 2002/2003/2007; Office for Mac 2004/2008; Excel Viewer; Open XML Converter for Mac; Office Compatibility Pack). The issue arises when parsing certain Excel record structures, where i...

9.3CVSS7.6AI score0.1332EPSS
CVE
CVE
added 2015/12/09 11:0 a.m.72 views

CVE-2015-6177

CVE-2015-6177 is a remote code execution memory-corruption vulnerability in Microsoft Office components. A crafted Office document can trigger arbitrary code execution in Excel 2007 SP3, Office Compatibility Pack SP3, or Excel Viewer by abusing how Office handles objects in memory during document...

9.3CVSS7.5AI score0.13601EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.71 views

CVE-2013-3889

This CVE (CVE-2013-3889) corresponds to a memory corruption vulnerability in Microsoft Excel and related Office components. The affected products include Excel 2007 SP3, 2010 SP1/SP2, 2013 and RT, Office 2007 SP3, 2010 SP1/SP2, 2013/RT, Office for Mac 2011, Excel Viewer, Office Compatibility Pack...

9.3CVSS7.4AI score0.27399EPSS
CVE
CVE
added 2016/09/14 10:0 a.m.71 views

CVE-2016-3381

Microsoft Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibility Pack SP3, and Excel Viewer are affected by CVE-2016-3381, a memory-corruption vulnerability in Office components that allows remote code execution via a crafted document. The CNVD entry corroborates a remote att...

9.3CVSS7.6AI score0.14969EPSS
CVE
CVE
added 2013/10/09 2:44 p.m.69 views

CVE-2013-3890

Summary (CVE-2013-3890) : Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 are affected by memory corruption vulnerabilities that allow remote code execution via a crafted Office document. The issue is documented as two memory-corruption vulnerabilities enabling arbitrary...

9.3CVSS7.4AI score0.20022EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.68 views

CVE-2009-3131

CVE-2009-3131 is the Excel Formula Parsing Memory Corruption vulnerability. The issue affects Microsoft Office Excel and related components across multiple platforms: Excel 2002 SP3, 2003 SP3, and 2007 SP1/SP2; Office 2004/2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer 2003 SP...

9.3CVSS7.3AI score0.24879EPSS
Total number of security vulnerabilities58