Lucene search
+L

14 matches found

CVE
CVE
added 2004/10/16 4:0 a.m.87 views

CVE-2004-0846

Microsoft Excel is affected by CVE-2004-0846 due to a buffer overflow from improper validation of certain records/parameters in Excel files. The vulnerability affects Excel 2000, Excel 2002, Excel 2001 for Mac, and Excel v.X for Mac; Excel 2004 for Mac and Office 2003/XP SP3 are not affected. An ...

7.5CVSS7.5AI score0.28348EPSS
CVE
CVE
added 2002/06/25 4:0 a.m.79 views

CVE-2002-0152

The CVE-2002-0152 entry concerns a buffer overflow in Macintosh builds of several Microsoft applications. The vulnerability is triggered by the file:// directive when a large number of slashes (/) is supplied, allowing remote attackers to crash the affected applications or potentially execute arb...

7.5CVSS8.3AI score0.1737EPSS
CVE
CVE
added 2006/03/14 11:0 p.m.75 views

CVE-2006-0030

CVE-2006-0030 affects Microsoft Excel 2000, 2002, and 2003 via a memory corruption vulnerability in malformed graphics within Excel data files. An attacker could trigger remote code execution by having a user open a specially crafted Excel file containing a malformed graphic; impact is memory cor...

5.1CVSS7.2AI score0.39593EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.75 views

CVE-2006-2388

Summary: CVE-2006-2388 is a remote code execution vulnerability in Microsoft Office Excel (2000–2004) caused by a flaw when Excel rebuilds metadata after processing malformed cell comments. An attacker must lure a user into opening a crafted .XLS file, which could allow code execution with the cu...

9.3CVSS7.2AI score0.10784EPSS
CVE
CVE
added 2006/10/10 10:0 p.m.69 views

CVE-2006-3875

CVE-2006-3875 : A remote code execution vulnerability in Microsoft Excel arises when parsing COLINFO records in XLS files. The COLINFO record parsing flaw can be exploited by a crafted Excel file to execute arbitrary code in the caller’s security context. Affected products include Microsoft Excel...

5.1CVSS7.1AI score0.09321EPSS
CVE
CVE
added 2006/10/10 10:0 p.m.66 views

CVE-2006-3867

CVE-2006-3867 is a remote code execution vulnerability in Microsoft Excel triggered when Excel handles a crafted Lotus 1-2-3 file. The issue affects Excel on Windows (2000, XP, 2003) and Excel Viewer 2003, as well as Excel for Mac (2004) and Office v.X for Mac. The root cause is improper parsing ...

5.1CVSS7.1AI score0.09321EPSS
CVE
CVE
added 2006/03/14 11:0 p.m.62 views

CVE-2006-0028

CVE-2006-0028 is a Microsoft Excel remote code execution vulnerability tied to malformed BIFF parsing format files that can corrupt memory and allow arbitrary code execution. Affected products include Excel 2000, 2002, and 2003 (and Office 2000 SP3 and related packages). Exploitation requires a u...

5.1CVSS7.1AI score0.16247EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.62 views

CVE-2006-1304

Microsoft Excel 2000–2003 contains a remote code execution vulnerability in the COLINFO record processing that can be triggered by a specially crafted .xls file. The underlying issue is a buffer overflow during a data filling operation, which could allow an attacker to execute arbitrary code with...

9.3CVSS7.4AI score0.10884EPSS
CVE
CVE
added 2006/07/13 10:0 p.m.62 views

CVE-2006-1308

CVE-2006-1308 is a remote code execution vulnerability in Microsoft Excel (2000–2004) caused by processing a malformed FNGROUPCOUNT value in an Excel file. The issue can be triggered when opening a specially crafted .xls, potentially allowing an attacker to execute arbitrary code in the security ...

9.3CVSS7.1AI score0.09278EPSS
CVE
CVE
added 2006/03/14 11:0 p.m.60 views

CVE-2006-0029

CVE-2006-0029 is a remote code execution vulnerability in Microsoft Excel affecting Excel 2000, 2002, and 2003 via a data file containing a malformed description that can corrupt memory. The Microsoft Security Bulletin MS06-012 provides fixes for this issue across affected Office/Excel versions (...

5.1CVSS7.2AI score0.14633EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.60 views

CVE-2006-1306

CVE-2006-1306 is a Microsoft Excel remote code execution vulnerability in the Malformed OBJECT record. A crafted .xls file can cause an attacker-controlled function pointer to execute arbitrary code when opened, enabling code execution in the user’s context. The issue affects Office/Excel 2000–20...

9.3CVSS7.2AI score0.09278EPSS
CVE
CVE
added 2006/07/13 10:0 p.m.57 views

CVE-2006-1301

CVE-2006-1301 affects Microsoft Excel 2000–2004 via a crafted SELECTION record that triggers memory corruption, allowing user-assisted arbitrary code execution. Root cause: insufficient validation when parsing SELECTION records, leading to memory corruption. Affected products: Excel 2000, 2002, 2...

9.3CVSS7.1AI score0.09824EPSS
CVE
CVE
added 2006/07/13 9:0 p.m.57 views

CVE-2006-1302

CVE-2006-1302 describes a memory corruption vulnerability in Microsoft Excel 2000–2003 (and related 2000–2004 variants) triggered by parsing certain fields in a SELECTION record within a .xls file, leading to possible arbitrary code execution when a user opens a crafted Excel file. The issue is a...

9.3CVSS7.4AI score0.13681EPSS
CVE
CVE
added 2006/07/13 10:0 p.m.52 views

CVE-2006-1309

CVE-2006-1309 is a Microsoft Excel vulnerability affecting Excel 2000–2004 where opening a crafted .xls file with a malformed LABEL record can trigger memory corruption and allow remote code execution. The underlying issue is memory corruption during processing of the LABEL record, potentially en...

9.3CVSS7.2AI score0.09741EPSS