Lucene search
K

12 matches found

CVE
CVE
added 2013/11/06 11:0 a.m.1136 views

CVE-2013-3906

CVE-2013-3906 is a memory corruption vulnerability in Microsoft Windows Graphics Component (TIFF handling) that could allow remote code execution. It affected GDI+ in Windows Vista SP2/Server 2008 SP2 and Office suites (Office 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3) and L...

9.3CVSS9.4AI score0.84971EPSS
In wild
CVE
CVE
added 2016/12/20 5:54 a.m.1093 views

CVE-2016-7262

CVE-2016-7262 is a Microsoft Office vulnerability (Microsoft Excel family) described as a Security Feature Bypass: a crafted cell mishandled on click can allow user-assisted remote command execution. Affected products include Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibi...

7.8CVSS7.8AI score0.58204EPSS
In wild
CVE
CVE
added 2009/11/11 7:0 p.m.1009 views

CVE-2009-3129

CVE-2009-3129 concerns a remote-code-execution vulnerability in Microsoft Office Excel and related components caused by a FEATHEADER record with an invalid cbHdrData size that affects a pointer offset. Affected products include Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Open XML File Format Converte...

9.3CVSS7.5AI score0.85731EPSS
In wild
CVE
CVE
added 2011/04/13 6:0 p.m.147 views

CVE-2011-0097

CVE-2011-0097 is a Microsoft Excel integer-overflow in the 400h substream parsing that can trigger a stack-based buffer overflow and remote code execution. Affected are Excel on Windows (2002 SP3/2003 SP3/2007 SP2/2010) and Mac variants, plus related File Format converters/viewers. The vulnerabil...

9.3CVSS7.6AI score0.38221EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.117 views

CVE-2019-0669

CVE-2019-0669 is an information-disclosure vulnerability in Microsoft Excel where memory contents can be disclosed when a crafted document is opened. The issue arises from Excel failing to properly isolate or protect memory contents during document processing, enabling an attacker to obtain data ...

6.5CVSS5.9AI score0.0643EPSS
CVE
CVE
added 2019/03/06 12:0 a.m.116 views

CVE-2019-0540

CVE-2019-0540 is a security feature bypass in Microsoft Office where URLs are not properly validated, enabling phishing-style credential theft when a victim opens a specially crafted file (Word component). The vulnerability is addressed by Microsoft Office security updates released in February 20...

5.5CVSS5.5AI score0.12783EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.92 views

CVE-2011-0098

CVE-2011-0098 corresponds to a remote code execution vulnerability in Microsoft Office Excel. The issue is a buffer/heap overflow in parsing the Label record (Excel file format), allowing remote attackers to run arbitrary code by convincing a user to open a malicious XLS file. Affected products i...

9.3CVSS7.6AI score0.30499EPSS
CVE
CVE
added 2018/06/14 12:0 p.m.87 views

CVE-2018-8246

CVE-2018-8246 affects Microsoft Excel and related Office components. The connected advisories describe an information-disclosure vulnerability caused by the inclusion of uninitialized memory when processing parsed expressions in FORMULA records within Excel workbooks, allowing disclosure of sensi...

5.5CVSS5AI score0.17359EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.84 views

CVE-2008-4019

CVE-2008-4019 is an integer overflow in Excel’s REPT function used when parsing a formula within a cell, affecting multiple Windows and Mac Excel versions (e.g., 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1) and related viewers/compat packs. The vulnerability allows remote code execution if a ...

9.3CVSS7.5AI score0.34415EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.82 views

CVE-2011-0979

CVE-2011-0979 affects Microsoft Excel and related Office components (including Mac versions) where errors parsing Office Art records in Excel spreadsheets allow remote code execution via a malformed object record (stray reference). Root cause is improper error handling during parsing of Office Ar...

9.3CVSS7.5AI score0.26523EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.80 views

CVE-2008-3471

CVE-2008-3471 is a stack-based buffer overflow in Microsoft Excel’s BIFF file format parsing, triggered by a malformed record in a .xls file. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1, Excel Viewer (2003 SP3) and related Mac components, as well as the Open XM...

9.3CVSS7.8AI score0.52318EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.71 views

CVE-2011-0978

CVE-2011-0978 is a remote code execution vulnerability in Microsoft Excel and related Office components caused by a memory corruption/stack-based overflow while parsing the Axis Properties/ SxView records (vulnerable in Excel 2002 SP3, 2003 SP3, 2007 SP2, Office for Mac 2004, Excel Viewer SP2, an...

9.3CVSS7.9AI score0.42562EPSS