Lucene search
+L
MicrosoftOffice Word Viewer*

16 matches found

cve
cve
added 2009/06/10 5:37 p.m.193 views

CVE-2009-0565

CVE-2009-0565 is a Word buffer-overflow vulnerability caused by a malformed record (Sprm) in Word documents, leading to remote code execution. Affected products include Microsoft Word 2000 SP3, 2002 SP3, 2007 SP1/SP2, Word for Mac 2004/2008, Open XML File Format Converter for Mac, and Office Comp...

9.3CVSS7.8AI score0.40503EPSS
cve
cve
added 2009/10/14 10:0 a.m.162 views

CVE-2009-2500

This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...

9.3CVSS7.9AI score0.23647EPSS
cve
cve
added 2009/10/14 10:0 a.m.157 views

CVE-2009-2528

CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...

9.3CVSS7.2AI score0.20452EPSS
cve
cve
added 2009/10/14 10:0 a.m.152 views

CVE-2009-3126

CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...

9.3CVSS9.7AI score0.23461EPSS
cve
cve
added 2009/10/14 10:0 a.m.129 views

CVE-2009-2501

CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...

9.3CVSS9.7AI score0.26824EPSS
cve
cve
added 2009/10/14 10:0 a.m.119 views

CVE-2009-2502

CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...

9.3CVSS9.7AI score0.22025EPSS
cve
cve
added 2009/10/14 10:0 a.m.105 views

CVE-2009-2504

CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...

9.3CVSS9.7AI score0.20982EPSS
cve
cve
added 2009/10/14 10:0 a.m.103 views

CVE-2009-2503

CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...

9.3CVSS9.6AI score0.22205EPSS
cve
cve
added 2014/11/11 10:0 p.m.97 views

CVE-2014-6334

CVE-2014-6334 affects Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3. The issue is a memory-handling flaw in parsing crafted Office documents that can lead to remote code execution or memory corruption/DoS. The connected OpenVAS/Nessus entries corroborate Word/Office comp...

9.3CVSS8.8AI score0.17204EPSS
cve
cve
added 2009/11/11 7:0 p.m.92 views

CVE-2009-3135

Microsoft Word Remote Code Execution (CVE-2009-3135) affects Word 2002 SP3, Word 2003 SP3, Word 2004/2008 for Mac, Open XML File Format Converter for Mac, Word Viewer 2003 SP3, and Word Viewer. The vulnerability is a stack-based buffer overflow in Word’s File Information Block (FIB) parsing, whic...

9.3CVSS7.8AI score0.35792EPSS
cve
cve
added 2014/11/11 10:0 p.m.83 views

CVE-2014-6333

CVE-2014-6333 affects Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3. The issue arises when parsing specially crafted Office documents, enabling a remote attacker to execute arbitrary code in the context of the logged-in user. The connected advisories consolidate three re...

9.3CVSS8.8AI score0.17852EPSS
cve
cve
added 2010/08/11 6:0 p.m.82 views

CVE-2010-1901

CVE-2010-1901 affects Microsoft Word and related Office components (Word 2002 SP3, 2003 SP3, 2007 SP2; Mac: Office 2004/2008, Open XML Converter for Mac, Word Viewer, Compatibility Pack SP2) where the RTF parsing engine mishandles unspecified properties in rich text data, causing a memory corrupt...

9.3CVSS7.7AI score0.19399EPSS
cve
cve
added 2010/08/11 6:0 p.m.78 views

CVE-2010-1903

CVE-2010-1903 is a Word HTML Linked Objects Memory Corruption vulnerability affecting Microsoft Office Word/Word Viewer. A remote attacker could trigger memory corruption by processing a specially crafted Word file, leading to remote code execution or potential denial of service. Public disclosur...

9.3CVSS7.6AI score0.19399EPSS
cve
cve
added 2010/08/11 6:0 p.m.75 views

CVE-2010-1900

CVE-2010-1900 affects Microsoft Word (various Windows/macOS editions) and related components. A remote-code-execution/memory-corruption flaw arises from Word opening malformed Word files that contain malformed records, enabling an attacker to execute arbitrary code or cause memory corruption on i...

9.3CVSS7.6AI score0.39813EPSS
cve
cve
added 2010/08/11 6:0 p.m.67 views

CVE-2010-1902

CVE-2010-1902 describes a remote-code-execution flaw in Microsoft Word’s RTF parsing engine. The vulnerability is triggered by crafted RTF data, specifically via drawing object control words that copy properties into a heap buffer without bounds checking, causing a heap buffer overflow. Affected ...

9.3CVSS7.9AI score0.23415EPSS
cve
cve
added 2014/11/11 10:0 p.m.67 views

CVE-2014-6335

CVE-2014-6335 affects Microsoft Word 2007 SP3, Word Viewer, and Office Compatibility Pack SP3. The root cause is improper handling of objects in memory while parsing specially crafted Office files, leading to remote code execution or memory corruption (and possible DoS). Technical details across ...

9.3CVSS8.8AI score0.16038EPSS