Lucene search
K
MicrosoftExcel Viewer2007

18 matches found

CVE
CVE
added 2019/01/08 9:0 p.m.1080 views

CVE-2019-0541

CVE-2019-0541 – MSHTML Engine Remote Code Execution involves an input validation vulnerability in the MSHTML engine that can let an attacker execute arbitrary code on affected systems. Affected software includes Internet Explorer (IE9/10/11), Microsoft Office components (Office/Word/Excel viewers...

9.3CVSS7.9AI score0.53202EPSS
In wild
CVE
CVE
added 2015/07/14 9:0 p.m.937 views

CVE-2015-2424

CVE-2015-2424: Microsoft Office memory corruption in PowerPoint/Word components allows remote code execution or memory corruption via a crafted Office document. Affected products include PowerPoint 2007 SP3, Word 2007 SP3, PowerPoint 2010 SP2, Word 2010 SP2, PowerPoint 2013 SP1, Word 2013 SP1, an...

9.3CVSS9.3AI score0.38497EPSS
In wild
CVE
CVE
added 2018/08/15 5:0 p.m.197 views

CVE-2018-8378

CVE-2018-8378 describes an information disclosure in Microsoft Office when Office reads out-of-bounds memory due to an uninitialized variable, potentially exposing memory contents. Affected components include Word, SharePoint Server, Word/Excel Viewers, and related Office products. Connected Open...

5.5CVSS4.9AI score0.08247EPSS
CVE
CVE
added 2017/09/13 1:0 a.m.137 views

CVE-2017-8631

CVE-2017-8744 is a remote code execution in Microsoft Office components caused by improper handling of in-memory objects, leading to memory corruption. Documented affected software includes Excel Services and Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, as well as related Office Web...

9.3CVSS7.6AI score0.16358EPSS
CVE
CVE
added 2018/10/10 1:0 p.m.135 views

CVE-2018-8432

CVE-2018-8432 is a remote code execution in Microsoft Graphics Components. It affects Windows and Office components (e.g., Office, Word Viewer, Excel Viewer, PowerPoint Viewer) across multiple Windows and Office versions; the underlying issue is how Graphics Components handle objects in memory. E...

9.3CVSS8.2AI score0.19629EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.125 views

CVE-2017-11878

CVE-2017-11878 affects multiple Microsoft Excel/Office components (Excel 2007 SP3, 2017-era Excel/Viewer and Office Compatibility Pack SP3). The vulnerability arises from improper handling of objects in memory, leading to memory corruption that can allow an attacker to execute arbitrary code in t...

9.3CVSS7.4AI score0.06167EPSS
CVE
CVE
added 2017/11/15 3:0 a.m.117 views

CVE-2017-11877

CVE-2017-11877 describes a security feature bypass in Microsoft Excel where macro settings were not enforced on a document, potentially allowing macros to run when they should be blocked. Connected MS KB update notes show the issue affects Excel 2016 (and related Excel entry points) and can be mi...

5.5CVSS6.2AI score0.04546EPSS
CVE
CVE
added 2018/11/14 1:0 a.m.115 views

CVE-2018-8577

CVE-2018-8577 affects Microsoft Excel (and related Office components). The vulnerability arises when Excel fails to properly handle objects in memory, enabling a remote code execution where an attacker could run arbitrary code in the context of the current user. CVSSv3 vector indicates a local at...

9.3CVSS7.9AI score0.19059EPSS
CVE
CVE
added 2018/12/12 12:0 a.m.106 views

CVE-2018-8627

CVE-2018-8627 (Microsoft Excel information disclosure) : An information-disclosure flaw in Excel when reading memory out of bounds due to an uninitialized variable. Affected products include Microsoft Office/Excel and related viewers. Exploitation requires opening a specially crafted file; succes...

5.5CVSS4.9AI score0.08662EPSS
CVE
CVE
added 2017/07/11 9:0 p.m.98 views

CVE-2017-8501

CVE-2017-8501 is described across connected CNVD/OpenVAS entries as a memory corruption vulnerability in Microsoft Office components (notably Word/Excel/SharePoint) that can be triggered by specially crafted files to yield remote code execution or DoS under the current user. The root cause cited ...

9.3CVSS7.8AI score0.23321EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.90 views

CVE-2015-2376

CVE-2015-2376 affects multiple Microsoft Office components (Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1/RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2/2013 SP1). The vulnerability is a memory corrupti...

9.3CVSS7.7AI score0.15746EPSS
CVE
CVE
added 2018/10/10 1:0 p.m.90 views

CVE-2018-8427

CVE-2018-8427 is an information-disclosure vulnerability in Microsoft Graphics Components that affects Microsoft Office family products (Office, Word Viewer, PowerPoint/Excel Viewers, Office 365 ProPlus) and related Windows components (Windows Server 2008). The root cause involves improper handli...

5.5CVSS5.7AI score0.02293EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.85 views

CVE-2015-2378

CVE-2015-2378 is an Untrusted Search Path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3. The root cause is DLL loading from the current working directory (Trojan horse DLL) that enables local privilege elevation. Documents indi...

6.9CVSS7AI score0.06135EPSS
CVE
CVE
added 2018/08/15 5:0 p.m.85 views

CVE-2018-8375

CVE-2018-8375 is a remote code execution vulnerability in Microsoft Excel family (Excel, Excel Viewer, Office) caused by improper handling of in-memory objects. The CVE affects Excel-related products and is characterized by a high-impact, possible remote code execution with local attack vector, r...

9.3CVSS7.8AI score0.16245EPSS
CVE
CVE
added 2018/04/12 1:0 a.m.84 views

CVE-2018-1029

Microsoft Excel remote code execution vulnerability exists due to improper handling of objects in memory, affecting Microsoft Excel, Excel Viewer, and Microsoft Office. The CVE-2018-1029 entry aligns with related CVEs (1027, 1011, 0920) and cites a memory-object handling flaw as the cause. The do...

9.3CVSS7.7AI score0.20332EPSS
CVE
CVE
added 2018/09/13 12:0 a.m.82 views

CVE-2018-8429

CVE-2018-8429 is an information disclosure vulnerability in Microsoft Excel and related components (Excel Viewer, Office). The underlying issue is that Excel may disclose memory contents. Affected products include Excel 2010 SP2, 2016 (KB4092460), Office compatibility pack, and related Excel/Offi...

5.5CVSS5AI score0.12255EPSS
CVE
CVE
added 2015/07/14 9:0 p.m.81 views

CVE-2015-2375

Microsoft Excel ASLR Bypass (CVE-2015-2375) affects Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, and Excel Services on SharePoint Server 2010 SP2/2013 SP1. Root cause: crafted spreadsheet allows bypassing ASLR protection, enabling potential memory-disclosure or downst...

4.3CVSS6.4AI score0.13995EPSS
CVE
CVE
added 2018/08/15 5:0 p.m.80 views

CVE-2018-8382

CVE-2018-8382 is an information-disclosure vulnerability in Microsoft Excel family. Connected advisories attribute the root cause to a missing length verification during parsing of workbook streams, enabling a remote attacker to obtain sensitive memory contents. Affected products include Microsof...

5.5CVSS5.5AI score0.12255EPSS