Lucene search
K
MicrosoftExcel2003

91 matches found

CVE
CVE
added 2009/11/11 7:0 p.m.1009 views

CVE-2009-3129

CVE-2009-3129 concerns a remote-code-execution vulnerability in Microsoft Office Excel and related components caused by a FEATHEADER record with an invalid cbHdrData size that affects a pointer offset. Affected products include Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Open XML File Format Converte...

9.3CVSS7.5AI score0.85731EPSS
In wild
CVE
CVE
added 2012/05/09 12:0 a.m.197 views

CVE-2012-1847

CVE-2012-1847 affects Microsoft Office Excel and related components (Excel 2003 SP3; Excel 2007 SP2/SP3; Excel 2010 SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability stems from memory handling when opening specially crafted spreadsheets, enabling r...

9.3CVSS7.9AI score0.25099EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.172 views

CVE-2012-0142

CVE-2012-0142 involves a memory corruption vulnerability in Microsoft Excel/file format handling (OBJECTLINK record) that can be triggered by opening a crafted spreadsheet, leading to remote code execution. Affected products include Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008, Exc...

9.3CVSS7.4AI score0.21596EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.163 views

CVE-2012-0184

CVE-2012-0184 affects Microsoft Excel and related Office components: Excel 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3. The issue is a memory handling error when opening a crafted spreadsheet, enabling remote code execution. Thi...

9.3CVSS7.5AI score0.24221EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.158 views

CVE-2011-1986

CVE-2011-1986 is a use-after-free vulnerability in Microsoft Excel 2003 SP3 triggered by parsing a crafted spreadsheet, enabling remote code execution. The issue stems from memory handling during Excel’s record parsing (Excel Record Parsing Use After Free). Several advisories reference this as a ...

9.3CVSS7.6AI score0.21507EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.158 views

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

9.3CVSS7.4AI score0.18609EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.158 views

CVE-2013-1315

CVE-2013-1315 is a remote code execution/memory corruption vulnerability affecting Microsoft Office components. The public records identify affected products as Microsoft SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013; Office Web Apps 2010; Excel 2003 SP3/2007 SP3/2010 SP1/SP2/2013/2013 RT; Offic...

9.3CVSS7.6AI score0.28702EPSS
CVE
CVE
added 2004/09/17 4:0 a.m.152 views

CVE-2004-0200

CVE-2004-0200 is a buffer-overflow vulnerability in the JPEG parsing engine of Microsoft GDI+ (GDIPlus.dll). The flaw allows remote code execution when a specially crafted JPEG image is processed, with the attack vector involving JPEG data that is mis-sized during a memory copy. The vulnerability...

9.3CVSS7.6AI score0.49024EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.149 views

CVE-2009-3130

CVE-2009-3130 corresponds to the Excel Document Parsing Heap Overflow vulnerability. Affected software includes Microsoft Office Excel 2002 SP3, Excel 2003 and newer on Windows via BIFF parsing, and Office for Mac variants plus the Open XML File Format Converter for Mac. The root cause is imprope...

9.3CVSS7.7AI score0.28934EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.147 views

CVE-2011-0097

CVE-2011-0097 is a Microsoft Excel integer-overflow in the 400h substream parsing that can trigger a stack-based buffer overflow and remote code execution. Affected are Excel on Windows (2002 SP3/2003 SP3/2007 SP2/2010) and Mac variants, plus related File Format converters/viewers. The vulnerabil...

9.3CVSS7.6AI score0.38221EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.145 views

CVE-2012-1885

CVE-2012-1885 is a heap-based buffer overflow in Microsoft Excel components that affects Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008/2011, and Office Compatibility Pack SP2/SP3. The root cause is a SerAuxErrBar heap overflow triggered by processing a crafted spreadsheet, enabling ...

9.3CVSS7.9AI score0.29287EPSS
CVE
CVE
added 2013/09/11 10:0 a.m.145 views

CVE-2013-3158

CVE-2013-3158 affects Microsoft Excel 2003 SP3 and 2007 SP3, where memory corruption in parsing crafted Office documents can lead to remote code execution or denial of service. Root cause is memory corruption within Excel’s handling of Office file content. Exploitation details are not provided in...

9.3CVSS7.6AI score0.18778EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.144 views

CVE-2012-0141

CVE-2012-0141 affects Microsoft Excel and related Office components across Windows and Mac platforms (Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1/Gold, Office 2011 for Mac, Excel Viewer, Office Compatibility Pack). The root cause is memory corruption during parsing/opening specially crafted Excel/RTF ...

9.3CVSS7.5AI score0.21769EPSS
CVE
CVE
added 2012/05/09 12:0 a.m.142 views

CVE-2012-0143

CVE-2012-0143 affects Microsoft Excel 2003 SP3 and Office 2008 for Mac, where memory corruption during file opening can allow remote code execution via a crafted spreadsheet. The vulnerability is part of a family including CVE-2012-0141/0142/0143/0143/0184 (and related) affecting Office component...

9.3CVSS7.5AI score0.2239EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.138 views

CVE-2011-1273

Microsoft Excel (Windows: 2002/2003/2007/2010; Mac: 2004/2008/2011; Open XML Converter for Mac; Excel Viewer; Office Compatibility Pack) is affected by CVE-2011-1273 due to improper validation/parsing of Excel records. Multiple advisories attribute the issue to parsing errors (record-type handlin...

9.3CVSS7.6AI score0.16968EPSS
CVE
CVE
added 2008/01/16 10:0 p.m.102 views

CVE-2008-0081

CVE-2008-0081 corresponds to the Macro Validation Vulnerability in Microsoft Excel and related Office components. A remote code execution flaw exists when opening specially crafted Excel files with macros, caused by improper validation of macro/memory handling, affecting Excel 2000 SP3 through 20...

9.8CVSS9.6AI score0.57908EPSS
CVE
CVE
added 2006/10/10 10:0 p.m.98 views

CVE-2006-3877

PowerPoint Malformed Record Memory Corruption Vulnerability (CVE-2006-3877) affects multiple Office suites. A remote code execution flaw exists when PowerPoint opens a specially crafted file with malformed records, allowing an attacker to gain full control of the affected system if the user runs ...

9.3CVSS7.1AI score0.12509EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.98 views

CVE-2010-0821

CVE-2010-0821 is identified in connected advisories as the Excel SXVIEW record parsing memory corruption vulnerability. It allows remote code execution if a user opens a specially crafted Excel file, due to improper parsing of SXVIEW structures. Exploitation requires user interaction (opening a c...

9.3CVSS7.5AI score0.24265EPSS
CVE
CVE
added 2009/02/25 4:0 p.m.96 views

CVE-2009-0238

CVE-2009-0238 corresponds to a remote code execution vulnerability in Microsoft Office Excel and related components (Excel Viewer, Compatibility Pack, and Mac variants) triggered by opening a crafted Excel document that causes an invalid object access. The issue manifests as memory/code execution...

9.3CVSS7.4AI score0.43063EPSS
In wild
CVE
CVE
added 2007/02/03 1:0 a.m.94 views

CVE-2007-0671

CVE-2007-0671 is a remote-code-execution vulnerability in Microsoft Office Excel (affecting Excel 2000/XP/2003 and Mac equivalents) where a specially crafted Excel file can trigger arbitrary code execution. The vulnerability arises from improper handling/parsing of office records, enabling remote...

9.3CVSS7.5AI score0.42139EPSS
In wild
CVE
CVE
added 2011/04/13 6:0 p.m.92 views

CVE-2011-0098

CVE-2011-0098 corresponds to a remote code execution vulnerability in Microsoft Office Excel. The issue is a buffer/heap overflow in parsing the Label record (Excel file format), allowing remote attackers to run arbitrary code by convincing a user to open a malicious XLS file. Affected products i...

9.3CVSS7.6AI score0.30499EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.91 views

CVE-2010-0257

CVE-2010-0257 is a remote code execution vulnerability in Microsoft Excel 2002 SP3 and Excel XP related to memory corruption when processing EntExU2 records in a crafted Excel file. Exploitation could allow an attacker to take full control of the affected system by convincing a user to open a mal...

9.3CVSS7.7AI score0.18587EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.90 views

CVE-2009-3127

CVE-2009-3127 (Excel Cache Memory Corruption) is a remote code execution vulnerability in Microsoft Office Excel variants: Excel 2002 SP3, 2003 SP3, 2004/2008 for Mac, Open XML File Format Converter for Mac, and Excel Viewer 2003 SP3. It stems from improper parsing of the Excel file format, allow...

9.3CVSS7.3AI score0.25075EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.87 views

CVE-2011-0980

CVE-2011-0980 corresponds to a memory corruption flaw in Microsoft Office that arises when parsing Office Art objects, enabling remote code execution via a crafted file. It affects Excel/Office components across Windows and Mac builds listed in the initial document (Excel 2002/2003, Office for Ma...

9.3CVSS7.6AI score0.26374EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.84 views

CVE-2008-4019

CVE-2008-4019 is an integer overflow in Excel’s REPT function used when parsing a formula within a cell, affecting multiple Windows and Mac Excel versions (e.g., 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1) and related viewers/compat packs. The vulnerability allows remote code execution if a ...

9.3CVSS7.5AI score0.34415EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.83 views

CVE-2010-0263

CVE-2010-0263 concerns Microsoft Office Excel XLSX File Parsing Code Execution. The vulnerability arises from insufficient validation of ZIP headers during decompression of Open XML XLSX documents, enabling remote code execution via a crafted file that accesses uninitialized memory. Affected soft...

9.3CVSS7.8AI score0.25692EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.82 views

CVE-2009-3128

CVE-2009-3128 describes a remote code execution vulnerability in Microsoft Office Excel via a malformed SxView record in Excel files. Affects Excel 2002 SP3, Excel 2003 SP3, and Excel Viewer 2003 SP3; exploitation leads to arbitrary code execution with the attacker gaining the user’s privileges. ...

9.3CVSS7.3AI score0.24879EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.82 views

CVE-2011-0979

CVE-2011-0979 affects Microsoft Excel and related Office components (including Mac versions) where errors parsing Office Art records in Excel spreadsheets allow remote code execution via a malformed object record (stray reference). Root cause is improper error handling during parsing of Office Ar...

9.3CVSS7.5AI score0.26523EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.82 views

CVE-2012-1886

Summary: CVE-2012-1886 affects Microsoft Office Excel and related components. The vulnerability is triggered by a crafted spreadsheet that can cause memory corruption, enabling remote code execution or a denial of service. Affected products (as documented): Excel 2003 SP3; Excel 2007 SP2/SP3; Exc...

9.3CVSS7.6AI score0.21769EPSS
CVE
CVE
added 2008/03/11 11:0 p.m.81 views

CVE-2008-0115

CVE-2008-0115 : A remote-code-execution vulnerability in Microsoft Excel’s Formula Parsing affects Excel 2000 SP3–2007, Excel Viewer 2003, the Office Compatibility Pack, and Office for Mac 2004. The issue arises from improper handling of malformed formulas, allowing a user-assisted attacker to tr...

9.3CVSS9.7AI score0.39333EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.81 views

CVE-2009-3132

CVE-2009-3132 is the Excel Index Parsing Vulnerability: a remote-code-execution flaw in Microsoft Office Excel where pointer corruption occurs while parsing Excel formulas/indices in affected Office Excel versions (Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, plus Mac variants and viewers). A crafted ...

9.3CVSS7.4AI score0.25883EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.81 views

CVE-2010-3232

CVE-2010-3232 covers multiple Microsoft Office Excel-related parsing flaws: Excel record parsing vulnerabilities that allow remote code execution when opening specially crafted Excel files. The root cause is improper validation/handling of record information in the Excel file format, leading to m...

9.3CVSS7.6AI score0.21413EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.80 views

CVE-2008-3471

CVE-2008-3471 is a stack-based buffer overflow in Microsoft Excel’s BIFF file format parsing, triggered by a malformed record in a .xls file. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1, Excel Viewer (2003 SP3) and related Mac components, as well as the Open XM...

9.3CVSS7.8AI score0.52318EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.80 views

CVE-2010-0262

CVE-2010-0262 describes a remote code execution vulnerability in Microsoft Office Excel stemming from an uninitialized memory access in the FNGROUPNAME record during parsing of Excel files. The issue could let an attacker execute arbitrary code with the privileges of the user who opens a crafted ...

9.3CVSS7.7AI score0.21256EPSS
CVE
CVE
added 2012/11/14 12:0 a.m.80 views

CVE-2012-1887

CVE-2012-1887 is a use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, and Office for Mac 2008/2011, exploitable via a crafted spreadsheet to achieve remote code execution. The underlying issue is a use-after-free in handling an Excel SST Invalid Length condition. Af...

9.3CVSS7.5AI score0.25099EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.78 views

CVE-2009-3134

CVE-2009-3134 is the Excel Field Sanitization Vulnerability. It affects Microsoft Office Excel components across Windows and Mac platforms listed in the entries, including Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Office 2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SKUs, and the Offi...

9.3CVSS7.4AI score0.25777EPSS
CVE
CVE
added 2007/03/03 7:0 p.m.77 views

CVE-2007-1239

Microsoft Excel 2003 contains a vulnerability in parsing .XLS files; a file with corrupted XML format or corrupted XLS format triggers a NULL pointer dereference, allowing remote attackers to cause a denial-of-service (application crash). The affected component is Excel’s workbook parsing for XLS...

4.3CVSS6.6AI score0.11611EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.76 views

CVE-2011-1272

Summary (CVE-2011-1272) : This vulnerability affects Microsoft Excel and related components (Excel 2002 SP3, 2003 SP3, 2007 SP2; Office 2004/2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack SP2) and is caused by improper validation of record struct...

9.3CVSS7.5AI score0.17592EPSS
CVE
CVE
added 2006/03/14 11:0 p.m.74 views

CVE-2006-0030

CVE-2006-0030 affects Microsoft Excel 2000, 2002, and 2003 via a memory corruption vulnerability in malformed graphics within Excel data files. An attacker could trigger remote code execution by having a user open a specially crafted Excel file containing a malformed graphic; impact is memory cor...

5.1CVSS7.2AI score0.39593EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.74 views

CVE-2011-1274

Vulnerability CVE-2011-1274 affects Microsoft Excel and related Office components across multiple platforms (Excel 2002/2003/2007; Office for Mac 2004/2008; Excel Viewer; Open XML Converter for Mac; Office Compatibility Pack). The issue arises when parsing certain Excel record structures, where i...

9.3CVSS7.6AI score0.1332EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.72 views

CVE-2006-2388

Summary: CVE-2006-2388 is a remote code execution vulnerability in Microsoft Office Excel (2000–2004) caused by a flaw when Excel rebuilds metadata after processing malformed cell comments. An attacker must lure a user into opening a crafted .XLS file, which could allow code execution with the cu...

9.3CVSS7.2AI score0.10784EPSS
CVE
CVE
added 2007/01/09 10:0 p.m.72 views

CVE-2007-0027

CVE-2007-0027 affects Microsoft Excel versions including Excel 2000 SP3, 2002 SP3, 2003 SP2, Excel 2004 for Mac, and Excel v.X for Mac. The flaw is a remote code execution due to memory corruption when parsing malformed IMDATA records in BIFF Excel files. An attacker could exploit this by enticin...

9.3CVSS7.6AI score0.3117EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.72 views

CVE-2010-2562

CVE-2010-2562 affects Microsoft Office Excel and components on Windows and Mac: Excel 2002 SP3/2003 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac. The root cause is a parsing logic error in the Excel file format, leading to a memory corruption vulnerability that can al...

9.3CVSS7.7AI score0.17612EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.72 views

CVE-2011-0103

CVE-2011-0103 covers a memory corruption vulnerability in Excel parsing logic that could allow remote code execution or a denial of service when opening specially crafted Excel files. Affected products include Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File ...

9.3CVSS7.7AI score0.25459EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.71 views

CVE-2011-0104

CVE-2011-0104 affects Microsoft Excel 2002 SP3, Excel 2003 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac. A crafted HLink record in an Excel file can trigger memory corruption, allowing remote code execution or causing a denial of service. Exploitation details or in‑th...

9.3CVSS7.7AI score0.53431EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.71 views

CVE-2011-0978

CVE-2011-0978 is a remote code execution vulnerability in Microsoft Excel and related Office components caused by a memory corruption/stack-based overflow while parsing the Axis Properties/ SxView records (vulnerable in Excel 2002 SP3, 2003 SP3, 2007 SP2, Office for Mac 2004, Excel Viewer SP2, an...

9.3CVSS7.9AI score0.42562EPSS
CVE
CVE
added 2005/12/09 11:0 a.m.70 views

CVE-2005-4131

CVE-2005-4131 affects Microsoft Excel 2000, 2002 and 2003 (Office 2000 SP3 and related packages). The vulnerability stems from parsing a malformed named range/range data in Excel files, which can cause memory corruption in a call to msvcrt.memmove. An attacker could leverage this via a specially ...

6.8CVSS7.4AI score0.31108EPSS
CVE
CVE
added 2006/06/17 1:0 a.m.70 views

CVE-2006-3059

Technical details for CVE-2006-3059 are not provided in the supplied documents; no affected product/version/impact is specified beyond a generic note. Monitor for updates.

9.3CVSS7.3AI score0.41113EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.70 views

CVE-2007-0029

CVE-2007-0029 is the Excel Malformed String Vulnerability affecting Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and Excel 2004/Mac (and Excel v.X for Mac). The issue allows user-assisted remote attackers to achieve arbitrary code execution by parsing a malformed string in Excel files. Microsoft...

9.3CVSS7.6AI score0.30079EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.70 views

CVE-2007-0030

CVE-2007-0030 is the Excel Malformed Column Record Vulnerability. A memory corruption flaw occurs when parsing the BIFF8 Column field, allowing a remote attacker to execute arbitrary code by convincing a user to open a crafted Excel file. Affected products include Microsoft Excel 2000 SP3, 2002 S...

9.3CVSS7.4AI score0.32093EPSS
Total number of security vulnerabilities91