CVE-2006-3431

CVE-2006-3431 describes a remote code execution vulnerability in Microsoft Excel related to the handling of the STYLE record in various Asian-language Excel versions. The flaw is a stack-based buffer overflow triggered when parsing a crafted spreadsheet, potentially allowing code execution if a u...

CVE-1999-0717

Microsoft Excel 97 is affected by CVE-1999-0717, enabling a remote attacker to disable the virus warning mechanism. Connected documents confirm the product and impact but do not provide root-cause details, affected subcomponents/versions beyond Excel 97, exploitation status, or remediation steps.

CVE-2006-3014

CVE-2006-3014 affects Microsoft Excel where embedding a Shockwave Flash Player ActiveX Object inside an XLS can automatically execute, enabling user-assisted arbitrary JavaScript execution and redirection when the spreadsheet is opened. According to SUSE and CPAI advisories, the issue originates ...

CVE-1999-0794

Issue summary : Microsoft Excel does not warn users when a macro is present inside a Symbolic Link (SYLK) format file. What is affected : Excel’s handling of SYLK files containing macros (no warning prompt to the user). Root cause / nature of vulnerability : Absence of user warning in the SYLK ma...

CVE-2026-26133

CVE-2026-26133 involves an AI command injection vulnerability in Microsoft 365 Copilot that can lead to unauthorized disclosure of information over a network. The CVSS 3.1 vector (AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:L/A:N) indicates a network-accessible issue with no privileges required but user intera...

CVE-2026-42832

This CVE (CVE-2026-42832) concerns Microsoft Office and is rooted in improper access control that enables a local attacker to spoof. Affected software is Microsoft Office; the vulnerability is described as allowing local spoofing with high impact to confidentiality and integrity (per CVSS 3.1 met...