106 matches found
CVE-2012-1847
CVE-2012-1847 affects Microsoft Office Excel and related components (Excel 2003 SP3; Excel 2007 SP2/SP3; Excel 2010 SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability stems from memory handling when opening specially crafted spreadsheets, enabling r...
CVE-2013-0007
CVE-2013-0007 impacts Microsoft XML Core Services (MSXML) versions 4.0–6.0. A parsing fault in MSXML can allow remote code execution when a user visits a crafted web page (MSXML XSLT vulnerability). Affected components include MSXML DLLs; root cause is improper XML content parsing. Mitigation is ...
CVE-2016-0025
CVE-2016-0025 is a memory corruption vulnerability in Microsoft Office products that allows remote code execution via a crafted Office document. Affected software includes Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Wo...
CVE-2012-0142
CVE-2012-0142 involves a memory corruption vulnerability in Microsoft Excel/file format handling (OBJECTLINK record) that can be triggered by opening a crafted spreadsheet, leading to remote code execution. Affected products include Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008, Exc...
CVE-2012-0184
CVE-2012-0184 affects Microsoft Excel and related Office components: Excel 2003 SP3, 2007 SP2/SP3, 2010 Gold/SP1; Office for Mac 2008/2011; Excel Viewer; Office Compatibility Pack SP2/SP3. The issue is a memory handling error when opening a crafted spreadsheet, enabling remote code execution. Thi...
CVE-2013-3848
CVE-2013-3848 affects Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer, allowing remote code execution or memory corruption via a crafted Off...
CVE-2013-1315
CVE-2013-1315 is a remote code execution/memory corruption vulnerability affecting Microsoft Office components. The public records identify affected products as Microsoft SharePoint Server 2007 SP3, 2010 SP1/SP2, 2013; Office Web Apps 2010; Excel 2003 SP3/2007 SP3/2010 SP1/SP2/2013/2013 RT; Offic...
CVE-2012-0183
CVE-2012-0183 affects Microsoft Word 2003 SP3, Word 2007 SP2/SP3, Word 2008/2011 for Mac, and Office Compatibility Pack SP2/SP3. The vulnerability arises in parsing crafted RTF data, causing memory corruption that can allow remote code execution or denial of service. The issue is addressed by Mic...
CVE-2012-2528
CVE-2012-2528 is a use-after-free remote code execution vulnerability in Microsoft Word and related components triggered by specially crafted RTF documents. Affected products include Word 2003 SP3, Word 2007 SP2/SP3, Word 2010 SP1, Word Viewer, Office Compatibility Pack SP2/SP3, Word Automation S...
CVE-2012-2543
CVE-2012-2543 is a stack-based buffer overflow in Microsoft Excel components (Windows: Excel 2007 SP2/SP3, Excel 2010 SP1; Mac: Office 2011; Excel Viewer; Office Compatibility Pack SP2/SP3). The vulnerability arises while handling crafted spreadsheets, enabling remote code execution. Connected so...
CVE-2012-0141
CVE-2012-0141 affects Microsoft Excel and related Office components across Windows and Mac platforms (Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1/Gold, Office 2011 for Mac, Excel Viewer, Office Compatibility Pack). The root cause is memory corruption during parsing/opening specially crafted Excel/RTF ...
CVE-2013-3850
CVE-2013-3850 is a memory corruption vulnerability in Microsoft Word components that allows remote code execution or a denial of service when processing a crafted Office document. Affected products include Word 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3, and Word Viewer. Root...
CVE-2012-1885
CVE-2012-1885 is a heap-based buffer overflow in Microsoft Excel components that affects Excel 2003 SP3, 2007 SP2/SP3, 2010 SP1, Office for Mac 2008/2011, and Office Compatibility Pack SP2/SP3. The root cause is a SerAuxErrBar heap overflow triggered by processing a crafted spreadsheet, enabling ...
CVE-2017-0254
CVE-2017-0254 concerns a remote code execution in Microsoft Office applications (Word, PowerPoint, etc.) and related components when the software fails to properly handle objects in memory. The vulnerability affects multiple Office products across Windows and macOS (e.g., Word 2007, Office 2010 S...
CVE-2013-0006
CVE-2013-0006 is associated with OSIsoft PI Interface for OPC XML-DA (ICS advisory ICSA-20-315-01) and Microsoft MSXML/MS13-002 context. Connected documents identify the affected product as PI Interface for OPC XML-DA versions prior to 1.7.3.x, where the vulnerability stems from numeric errors/st...
CVE-2013-3852
CVE-2013-3852 affects Microsoft Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer. The vulnerability is a memory corruption flaw in Word that can be triggered by a crafted Office document, enabling remote code execution or a denial of service. The OpenVAS...
CVE-2016-0122
CVE-2016-0122 affects Microsoft Office Excel across multiple versions (2007 SP3, 2010 SP2, 2013 SP1/RT SP1, 2016) and Office components; the vulnerability is a memory corruption/out-of-bounds read in Excel that enables remote code execution when a specially crafted Office document is opened. An e...
CVE-2016-0022
CVE-2016-0022 corresponds to a memory corruption vulnerability in Microsoft Office components (Word and related Word/Office Suite on Windows and Mac) that could allow remote code execution via a crafted Office document. Connected sources indicate this is tied to MS16-015 and affects Word 2007 SP3...
CVE-2017-0031
CVE-2017-0031 affects Microsoft Office components: Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2. It allows remote code execution or memory corruption via a crafted document, with the underlying issue described as a memory corruption vulnerability in Office. The...
CVE-2015-2520
CVE-2015-2520 affects Microsoft Office components including Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011/2016, Office Compatibility Pack SP3, and Excel Viewer. The root cause is a memory corruption due to improper handling of objects in memory, leading to remote code execution when a crafte...
CVE-2016-3234
CVE-2016-3234 affects Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint 2010 SP2/2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1. The root cause is an information disclosure flaw that...
CVE-2017-0006
Technical details (affected products, root cause, and remediation) are not provided in the connected documents beyond the initial CVE summary; monitor for updates.
CVE-2016-3233
CVE-2016-3233 concerns Microsoft Office memory corruption affecting Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack SP3. A crafted Office document can trigger a memory corruption that allows remote code execution. Exploitation requires a user to open the specially crafted file (user...
CVE-2016-3358
CVE-2016-3358 affects Microsoft Office and Excel components across Windows and Mac platforms (Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; Office Online Server; Office Viewer; SharePoint Excel Services). The vulnerability is described as a memory corruption in Office applications that a...
CVE-2017-0030
Technical details about CVE-2017-0030 are not publicly available in the provided connected documents; no specific affected products, exploit info, or remediation are included. Monitor for updates.
CVE-2017-0052
The CVE affects Microsoft Office components: Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3. It is a memory corruption vulnerability exploitable via a crafted document, potentially allowing remote code execution or denial of service. ...
CVE-2017-0053
Technical details about CVE-2017-0053 are not publicly provided in the supplied documents; monitor for future updates.
CVE-2015-0085
CVE-2015-0085 is a use-after-free vulnerability in Microsoft Office components (including Office 2007/2010/2013 suites and related SharePoint/Viewer components) that enables remote code execution via a crafted Office document. The issue affects a broad set of Office applications and SharePoint-re...
CVE-2017-0027
CVE-2017-0027 affects Microsoft Office products including Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1. Description: information disclosure from process memory when processing a crafted Office docume...
CVE-2017-0194
CVE-2017-0194 affects Microsoft Excel 2007 SP3, Excel 2010 SP2 and Office Compatibility Pack SP2. It is an Information Disclosure vulnerability where crafted Office documents can cause memory objects to disclose sensitive memory contents due to improper handling of memory. Root cause: improper ha...
CVE-2017-8632
CVE-2017-8632 describes a remote code execution vulnerability in Microsoft Office products caused by improper handling of in-memory objects (memory corruption). Affected are Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Web Apps 2013, Excel for Mac 2011, Excel 20...
CVE-2016-0134
CVE-2016-0134 affects multiple Microsoft Office products, including Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1/RT SP1, Word 2016, Word for Mac 2011/2016, Office Compatibility Pack SP3, and related SharePoint/Web Apps components. The vulnerability is described as a memory corrupt...
CVE-2016-0198
Microsoft Office memory corruption vulnerability CVE-2016-0198 allows remote code execution when processing specially crafted Office documents. Affected products include Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac...
CVE-2014-1757
CVE-2014-1757 is the Microsoft Office file format converter memory corruption vulnerability affecting Word 2007 SP3, Word 2010 SP1/SP2, and Office Compatibility Pack SP3. The issue occurs when converting legacy binary (.doc) documents to newer formats, allowing remote attackers to execute arbitra...
CVE-2016-3360
CVE-2016-3360 affects multiple Microsoft Office components, notably PowerPoint and related Office apps. The vulnerability is a memory corruption issue in which a crafted document can cause remote code execution on the affected host. Affected products include PowerPoint 2007 SP3, 2010 SP2, 2013 SP...
CVE-2014-4117
CVE-2014-4117 affects Microsoft Office and related components (Word 2007/2010, Office 2010, Office for Mac 2011, Word Web Apps, SharePoint) where remote code execution is possible via crafted Word document properties. Root cause: improper handling/parsing of Word file format elements allows arbit...
CVE-2016-0127
CVE-2016-0127 affects Microsoft Office components: Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2/2013 SP1, and Office Web Apps 2010 SP2/Server 2013 SP1. Description...
CVE-2014-0258
CVE-2014-0258 affects Microsoft Word 2003 SP3, Word 2007 SP3, Office Compatibility Pack SP3, and Word Viewer. The root cause is memory corruption when parsing crafted Office files, enabling remote code execution (and potential DoS) in the context of the user. Connected advisories confirm MS14-001...
CVE-2016-3282
CVE-2016-3282 is a Microsoft Office remote code execution vulnerability arising from memory corruption in Office components (Word, Word Automation Services, SharePoint-related components, etc.). It affects a broad set of Office products across Windows and macOS (Word 2007 SP3, Office 2010 SP2, Wo...
CVE-2016-7266
CVE-2016-7266 affects multiple Microsoft Office/Excel variants (Windows: Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016; macOS: Excel 2016) and the Office Compatibility Pack, Excel Viewer, and Excel for Mac. The root cause is mishandling of a registry check when running embedded content, d...
CVE-2016-7265
CVE-2016-7265 affects Microsoft Office components (notably Excel 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3/2010 SP2). The vulnerability is described as an information disclosure via an out-of-boun...
CVE-2014-6334
CVE-2014-6334 affects Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3. The issue is a memory-handling flaw in parsing crafted Office documents that can lead to remote code execution or memory corruption/DoS. The connected OpenVAS/Nessus entries corroborate Word/Office comp...
CVE-2015-1651
CVE-2015-1651 is a use-after-free vulnerability in Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3. The flaw allows remote code execution via a crafted Office document. Root cause: use-after-free in Office components when parsing Office files. Exploitation context: remote ...
CVE-2016-0136
CVE-2016-0136 affects Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3/2010 SP2. The root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when a crafted Office document ...
CVE-2016-3359
CVE-2016-3359 affects Microsoft Office components (Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, Excel Viewer). The issue is a memory corruption vulnerability in Office that allows remote code execution via a crafted document. The CVE entry’s linked sources (NVD/NVD-variant and r...
CVE-2016-7233
CVE-2016-7233 is an information-disclosure/out-of-bounds-read vulnerability in multiple Microsoft Office components (e.g., Word 2007, Office 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Web Apps 2010 SP2, SharePoint 2013 components, and Office Automation Services). A craft...
CVE-2016-0052
The CVE-2016-0052 issue affects Microsoft Word/Office across multiple versions (Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Serve...
CVE-2016-7268
CVE-2016-7268 is an information-disclosure/Memory-read vulnerability in Microsoft Office products. The initial description lists how crafted Office documents can cause an out-of-bounds read or memory disclosure, allowing remote attackers to obtain sensitive information from process memory. Affect...
CVE-2015-1650
CVE-2015-1650 is a use-after-free vulnerability in Microsoft Word/Office components that allows remote code execution via crafted Office documents. Affected products include Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3,...
CVE-2015-1649
CVE-2015-1649 is a use-after-free vulnerability in Microsoft Office components (Word 2007 SP3, Office 2010 SP2, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps Server 2010 SP2) that allows remote code execution via a crafted ...