12 matches found
CVE-2013-3906
CVE-2013-3906 is a memory corruption vulnerability in Microsoft Windows Graphics Component (TIFF handling) that could allow remote code execution. It affected GDI+ in Windows Vista SP2/Server 2008 SP2 and Office suites (Office 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3) and L...
CVE-2016-7262
CVE-2016-7262 is a Microsoft Office vulnerability (Microsoft Excel family) described as a Security Feature Bypass: a crafted cell mishandled on click can allow user-assisted remote command execution. Affected products include Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibi...
CVE-2009-3129
CVE-2009-3129 concerns a remote-code-execution vulnerability in Microsoft Office Excel and related components caused by a FEATHEADER record with an invalid cbHdrData size that affects a pointer offset. Affected products include Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Open XML File Format Converte...
CVE-2011-0097
CVE-2011-0097 is a Microsoft Excel integer-overflow in the 400h substream parsing that can trigger a stack-based buffer overflow and remote code execution. Affected are Excel on Windows (2002 SP3/2003 SP3/2007 SP2/2010) and Mac variants, plus related File Format converters/viewers. The vulnerabil...
CVE-2019-0669
CVE-2019-0669 is an information-disclosure vulnerability in Microsoft Excel where memory contents can be disclosed when a crafted document is opened. The issue arises from Excel failing to properly isolate or protect memory contents during document processing, enabling an attacker to obtain data ...
CVE-2019-0540
CVE-2019-0540 is a security feature bypass in Microsoft Office where URLs are not properly validated, enabling phishing-style credential theft when a victim opens a specially crafted file (Word component). The vulnerability is addressed by Microsoft Office security updates released in February 20...
CVE-2011-0098
CVE-2011-0098 corresponds to a remote code execution vulnerability in Microsoft Office Excel. The issue is a buffer/heap overflow in parsing the Label record (Excel file format), allowing remote attackers to run arbitrary code by convincing a user to open a malicious XLS file. Affected products i...
CVE-2018-8246
CVE-2018-8246 affects Microsoft Excel and related Office components. The connected advisories describe an information-disclosure vulnerability caused by the inclusion of uninitialized memory when processing parsed expressions in FORMULA records within Excel workbooks, allowing disclosure of sensi...
CVE-2008-4019
CVE-2008-4019 is an integer overflow in Excel’s REPT function used when parsing a formula within a cell, affecting multiple Windows and Mac Excel versions (e.g., 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1) and related viewers/compat packs. The vulnerability allows remote code execution if a ...
CVE-2011-0979
CVE-2011-0979 affects Microsoft Excel and related Office components (including Mac versions) where errors parsing Office Art records in Excel spreadsheets allow remote code execution via a malformed object record (stray reference). Root cause is improper error handling during parsing of Office Ar...
CVE-2008-3471
CVE-2008-3471 is a stack-based buffer overflow in Microsoft Excel’s BIFF file format parsing, triggered by a malformed record in a .xls file. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1, Excel Viewer (2003 SP3) and related Mac components, as well as the Open XM...
CVE-2011-0978
CVE-2011-0978 is a remote code execution vulnerability in Microsoft Excel and related Office components caused by a memory corruption/stack-based overflow while parsing the Axis Properties/ SxView records (vulnerable in Excel 2002 SP3, 2003 SP3, 2007 SP2, Office for Mac 2004, Excel Viewer SP2, an...