Lucene search
K
MicrosoftOffice Excel Viewer

29 matches found

CVE
CVE
added 2009/06/10 6:0 p.m.993 views

CVE-2009-0557

CVE-2009-0557 describes an Object Record Corruption vulnerability in Microsoft Office Excel across multiple platforms (Office 2000 SP3, XP SP3, 2003 SP3, Mac editions, and Excel Viewer/Compatibility Pack). The root cause is a malformed record object in an Excel file, enabling remote code executio...

9.3CVSS7.5AI score0.58551EPSS
In wild
CVE
CVE
added 2009/10/14 10:0 a.m.156 views

CVE-2009-2500

This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...

9.3CVSS7.9AI score0.23647EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.156 views

CVE-2009-2528

CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...

9.3CVSS7.2AI score0.20452EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.145 views

CVE-2009-3126

CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...

9.3CVSS9.7AI score0.23461EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.127 views

CVE-2009-2501

CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...

9.3CVSS9.7AI score0.26824EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.117 views

CVE-2009-2502

CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...

9.3CVSS9.7AI score0.22025EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.104 views

CVE-2009-2504

CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...

9.3CVSS9.7AI score0.20982EPSS
CVE
CVE
added 2009/10/14 10:0 a.m.101 views

CVE-2009-2503

CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...

9.3CVSS9.6AI score0.22205EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.98 views

CVE-2010-0821

CVE-2010-0821 is identified in connected advisories as the Excel SXVIEW record parsing memory corruption vulnerability. It allows remote code execution if a user opens a specially crafted Excel file, due to improper parsing of SXVIEW structures. Exploitation requires user interaction (opening a c...

9.3CVSS7.5AI score0.24265EPSS
CVE
CVE
added 2009/02/25 4:0 p.m.96 views

CVE-2009-0238

CVE-2009-0238 corresponds to a remote code execution vulnerability in Microsoft Office Excel and related components (Excel Viewer, Compatibility Pack, and Mac variants) triggered by opening a crafted Excel document that causes an invalid object access. The issue manifests as memory/code execution...

9.3CVSS7.4AI score0.43063EPSS
In wild
CVE
CVE
added 2010/03/10 10:0 p.m.91 views

CVE-2010-0257

CVE-2010-0257 is a remote code execution vulnerability in Microsoft Excel 2002 SP3 and Excel XP related to memory corruption when processing EntExU2 records in a crafted Excel file. Exploitation could allow an attacker to take full control of the affected system by convincing a user to open a mal...

9.3CVSS7.7AI score0.18587EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.85 views

CVE-2008-4264

CVE-2008-4264 is a remote code execution vulnerability in Microsoft Office Excel (various Windows/macOS Excel versions) caused by pointer corruption while loading Excel formulas from a crafted file. The issue, also described as a File Format Parsing Vulnerability , could allow an attacker to take...

9.3CVSS7.3AI score0.25541EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.83 views

CVE-2010-0263

CVE-2010-0263 concerns Microsoft Office Excel XLSX File Parsing Code Execution. The vulnerability arises from insufficient validation of ZIP headers during decompression of Open XML XLSX documents, enabling remote code execution via a crafted file that accesses uninitialized memory. Affected soft...

9.3CVSS7.8AI score0.25692EPSS
CVE
CVE
added 2009/04/15 3:49 a.m.82 views

CVE-2009-0100

CVE-2009-0100 affects multiple Microsoft Office Excel variants (Windows and Mac) and is caused by a memory corruption error when parsing Excel records (TXO/OBJ) in the spreadsheet file format. A crafted spreadsheet containing a malformed object with an offset and a two‑byte value can trigger the ...

9.3CVSS7.4AI score0.29043EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.80 views

CVE-2010-0262

CVE-2010-0262 describes a remote code execution vulnerability in Microsoft Office Excel stemming from an uninitialized memory access in the FNGROUPNAME record during parsing of Excel files. The issue could let an attacker execute arbitrary code with the privileges of the user who opens a crafted ...

9.3CVSS7.7AI score0.21256EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.79 views

CVE-2009-0561

The CVE-2009-0561 issue is a heap-based buffer overflow in Microsoft Excel triggered while parsing a Shared String Table (SST) record when a numeric field specifies an invalid number of unique strings. Affects multiple Windows/macOS Excel versions across Office 2000–2008 and related viewers/compa...

9.3CVSS7.9AI score0.36897EPSS
CVE
CVE
added 2008/08/12 11:0 p.m.76 views

CVE-2008-3006

Microsoft Excel could allow remote code execution via memory corruption in the BIFF COUNTRY record parsing bug. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1; Excel Viewer; Office Compatibility Pack 2007 Gold/SP1; Office for Mac (2004/2008); and SharePoint Server...

9.3CVSS7.3AI score0.35649EPSS
CVE
CVE
added 2008/08/12 11:0 p.m.75 views

CVE-2008-3004

The CVE-2008-3004 issue affects Microsoft Office Excel and related Mac/Viewer builds. It arises from improper validation of AxesSet index values when loading Excel files, allowing remote code execution via a specially crafted XLS document. Affected products include Excel 2000 SP3, 2002 SP3, 2003 ...

9.3CVSS7.3AI score0.32172EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.72 views

CVE-2009-0558

CVE-2009-0558 is an Array Indexing Memory Corruption Vulnerability in Microsoft Office Excel parsing code that can be triggered by a specially crafted Excel file. It affects Microsoft Office/Excel on Mac (Office 2004 and 2008 for Mac) and the Open XML File Format Converter for Mac, as well as Exc...

9.3CVSS7.5AI score0.3107EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.68 views

CVE-2009-1134

CVE-2009-1134 is a memory corruption/remote code execution vulnerability in Microsoft Excel and related components (Excel 2007 SP1/SP2, Excel Viewer, and Office Compatibility Pack SP1/SP2). The flaw occurs while parsing BIFF records, specifically a malformed Qsir (0x806) record, leading to code e...

9.3CVSS7.4AI score0.35698EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.68 views

CVE-2010-0258

CVE-2010-0258 is a Microsoft Office Excel Sheet Object Type Confusion Vulnerability. It affects Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, and Mac variants (2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SP1/2, and Compatibility Pack SP1/SP2). Root cause: improper parsing of the Excel f...

9.3CVSS7.7AI score0.6095EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.68 views

CVE-2010-0264

The CVE-2010-0264 issue affects Microsoft Office Excel 2002 SP3, Excel for Mac (Office 2004/2008), and the Open XML File Format Converter for Mac, where parsing the Excel file format fails due to a DbOrParamQry record handling error. This memory-corruption vulnerability can allow remote code exec...

9.3CVSS7.7AI score0.21221EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.66 views

CVE-2009-0560

Microsoft Office Excel vulnerability CVE-2009-0560 arises from Field Sanitization Memory Corruption in Excel's parsing of crafted records, enabling remote code execution. Affected products include Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2004/2008 for Mac, Excel 2007 SP1/S...

9.3CVSS7.5AI score0.27984EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.66 views

CVE-2010-0823

CVE-2010-0823 is Microsoft Excel memory corruption remote code execution vulnerability described in MS10-038. It affects Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, and Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP1/SP2, and Office Compatibility Pack 2007 File Formats SP1/SP2. ...

9.3CVSS7.4AI score0.20463EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.65 views

CVE-2009-0549

CVE-2009-0549 (Record Pointer Corruption Vulnerability) affects Microsoft Office Excel and related components (Excel Viewer, Office for Mac, Open XML Converter) across multiple versions, enabling remote code execution when a user opens a specially crafted Excel file. The issue is caused by malfor...

9.3CVSS7.5AI score0.28446EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.65 views

CVE-2010-0260

Microsoft Excel MDXTUPLE/MDXSET heap overflow vulnerabilities (CVE-2010-0260, part of MS10-017) affect Excel 2007 SP1/SP2, Excel Viewer SP1/SP2, and the Office Compatibility Pack for Word/Excel/PowerPoint 2007. The issue arises while parsing the MDXTUPLE/MDXSET records in workbook globals, enabli...

9.3CVSS7.9AI score0.23095EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.62 views

CVE-2010-0261

Microsoft Excel MDXSET Record Heap Overflow (CVE-2010-0261) is a remote-code-execution vulnerability affecting Excel 2007 SP1/SP2 and the Office Compatibility Pack for Word/Excel/PowerPoint 2007 File Formats SP1/SP2. The issue stems from parsing an MDXSET record that is broken into multiple recor...

9.3CVSS7.9AI score0.23095EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.60 views

CVE-2008-4265

CVE-2008-4265 affects Microsoft Office Excel 2000 SP3, where parsing certain TXO/OBJ records can trigger a memory corruption vulnerability that permits remote code execution when a specially crafted Excel file is opened. The root cause is memory corruption during loading of records from the sprea...

9.3CVSS7.3AI score0.2465EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.60 views

CVE-2009-0559

The CVE-2009-0559 entry maps to a set of Excel-related remote code execution vulnerabilities described in MS09-021. The underlying issue is a String Copy Stack-Based Overrun in Excel parsing of malformed records inside Excel files, causing a stack-based buffer overflow that could let an attacker ...

9.3CVSS7.9AI score0.29444EPSS