Lucene search

K
MicrosoftOffice2000

84 matches found

CVE
CVE
added 2008/03/11 11:44 p.m.49 views

CVE-2008-0117

Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability."

9.3CVSS9.6AI score0.7417EPSS
CVE
CVE
added 2008/08/12 11:41 p.m.49 views

CVE-2008-3460

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG file, aka the "WPG Image File Heap Corruption Vulner...

9.3CVSS7.3AI score0.60485EPSS
CVE
CVE
added 2000/03/22 5:0 a.m.48 views

CVE-2000-0088

Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.

7.2CVSS7.5AI score0.00513EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.48 views

CVE-2002-0616

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."

5.1CVSS7.2AI score0.10819EPSS
CVE
CVE
added 2007/01/09 11:28 p.m.48 views

CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an ear...

9.3CVSS7.4AI score
CVE
CVE
added 2009/06/10 6:0 p.m.48 views

CVE-2009-1533

Buffer overflow in the Works for Windows document converters in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9 allows remote attackers to execute arbitrary code via a crafted Works .wps file that triggers memory corruption, aka "File Converter Buffer...

9.3CVSS7.8AI score0.73508EPSS
CVE
CVE
added 2007/01/09 11:0 p.m.47 views

CVE-2006-1305

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.

4.3CVSS6.6AI score0.51445EPSS
CVE
CVE
added 2007/02/13 8:28 p.m.47 views

CVE-2006-1311

The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF...

9.3CVSS7.4AI score0.68598EPSS
CVE
CVE
added 2007/07/10 10:30 p.m.47 views

CVE-2007-1756

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability".

9.3CVSS7.3AI score0.67687EPSS
CVE
CVE
added 2008/08/13 12:41 a.m.47 views

CVE-2008-1455

A "memory calculation error" in Microsoft Office PowerPoint 2000 SP3, 2002 SP3, 2003 SP2, and 2007 through SP1; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 through SP1; and Office 2004 for Mac allows remote attackers to execute arbitrary code via a PowerPoint file with crafted li...

6.8CVSS7.4AI score0.63798EPSS
CVE
CVE
added 2006/07/11 9:5 p.m.46 views

CVE-2006-1316

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, aka "Microsoft Office Pars...

9.3CVSS7.2AI score0.74233EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.46 views

CVE-2006-3647

Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE...

9.3CVSS7.6AI score0.59337EPSS
CVE
CVE
added 2008/08/12 11:41 p.m.46 views

CVE-2008-3021

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field, aka the "PICT Filter Parsing Vulnerability," a d...

9.3CVSS7.2AI score0.67964EPSS
CVE
CVE
added 2004/09/01 4:0 a.m.45 views

CVE-2002-0615

The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".

7.5CVSS6.2AI score0.11402EPSS
CVE
CVE
added 2004/09/28 4:0 a.m.45 views

CVE-2004-0573

Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.

7.5CVSS7.8AI score0.47093EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.45 views

CVE-2006-0009

Buffer overflow in Microsoft Office 2000 SP3, XP SP3, and other versions and packages, allows user-assisted attackers to execute arbitrary code via a routing slip that is longer than specified by the provided length field, as exploited by malware such as TROJ_MDROPPER.BH and Trojan.PPDropper.E in a...

5.1CVSS7.4AI score0.62227EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.45 views

CVE-2006-0028

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid...

5.1CVSS7.1AI score0.51677EPSS
CVE
CVE
added 2008/08/12 11:41 p.m.45 views

CVE-2008-3019

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Malformed EPS Filter Vulnerability."

9.3CVSS7.3AI score0.54114EPSS
CVE
CVE
added 2003/04/02 5:0 a.m.44 views

CVE-2002-0618

The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".

7.5CVSS7AI score0.16885EPSS
CVE
CVE
added 2006/02/14 8:2 p.m.44 views

CVE-2006-0004

Microsoft PowerPoint 2000 in Office 2000 SP3 has an interaction with Internet Explorer that allows remote attackers to obtain sensitive information via a PowerPoint presentation that attempts to access objects in the Temporary Internet Files Folder (TIFF).

5CVSS6AI score0.51955EPSS
CVE
CVE
added 2006/03/14 11:2 p.m.44 views

CVE-2006-0029

Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.

5.1CVSS7.2AI score0.40426EPSS
CVE
CVE
added 2006/07/10 10:5 p.m.44 views

CVE-2006-3493

Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NO...

5.1CVSS7.5AI score0.57694EPSS
CVE
CVE
added 2006/07/11 9:5 p.m.43 views

CVE-2006-0033

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.

9.3CVSS7.4AI score0.45773EPSS
CVE
CVE
added 2001/05/07 4:0 a.m.42 views

CVE-2001-0003

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtain NTLM credentials and possibly obtain the password, aka the "Web Client NTLM Authentication" vulner...

5CVSS7AI score0.16137EPSS
CVE
CVE
added 2007/05/30 10:30 a.m.42 views

CVE-2007-2903

Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (OUACTRL.OCX) 1.0.1.9 allows remote attackers to cause a denial of service (probably winhlp32.exe crash) via a long first argument. NOTE: it is not clear whether this issue crosses ...

5CVSS6.9AI score0.42085EPSS
CVE
CVE
added 2008/02/12 11:0 p.m.41 views

CVE-2008-0104

Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.4845EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.41 views

CVE-2008-0119

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corruption, aka "Publisher Object Handler Validation Vul...

9.3CVSS7.3AI score0.5673EPSS
CVE
CVE
added 2014/09/19 10:55 a.m.40 views

CVE-2006-1318

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."

9.3CVSS7.8AI score0.1806EPSS
CVE
CVE
added 2007/02/13 9:28 p.m.40 views

CVE-2007-0208

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.

9.3CVSS7.2AI score0.57631EPSS
CVE
CVE
added 2008/03/11 11:44 p.m.40 views

CVE-2008-0110

Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI.

9.3CVSS7.2AI score0.54784EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.40 views

CVE-2008-1091

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers a "memory calculation error" and a heap-based bu...

9.3CVSS7.4AI score0.62379EPSS
CVE
CVE
added 2007/01/09 11:28 p.m.39 views

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."

9.3CVSS7.5AI score0.62591EPSS
CVE
CVE
added 2006/09/05 5:4 p.m.38 views

CVE-2006-4534

Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with names including Trojan.Mdropper.Q, Mofei, and Femo.

9.3CVSS7.4AI score0.46692EPSS
CVE
CVE
added 2007/10/09 10:17 p.m.38 views

CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51546EPSS
Total number of security vulnerabilities84