Lucene search

K
MicrosoftOffice2003

122 matches found

CVE
CVE
added 2012/04/10 9:55 p.m.1628 views

CVE-2012-0158

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 20...

9.3CVSS7.8AI score0.94314EPSS
CVE
CVE
added 2010/11/10 3:0 a.m.1248 views

CVE-2010-3333

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow...

9.3CVSS8.1AI score0.93964EPSS
CVE
CVE
added 2012/08/15 1:55 a.m.1182 views

CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce ...

9.3CVSS7.9AI score0.91953EPSS
CVE
CVE
added 2013/11/06 3:55 p.m.1054 views

CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Wo...

9.3CVSS9.4AI score0.92746EPSS
CVE
CVE
added 2013/06/12 3:29 a.m.1039 views

CVE-2013-1331

Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

9.3CVSS7.8AI score0.86654EPSS
CVE
CVE
added 2006/05/20 12:2 a.m.965 views

CVE-2006-2492

Buffer overflow in Microsoft Word in Office 2000 SP3, Office XP SP3, Office 2003 Sp1 and SP2, and Microsoft Works Suites through 2006, allows user-assisted attackers to execute arbitrary code via a malformed object pointer, as originally reported by ISC on 20060519 for a zero-day attack.

8.8CVSS7.4AI score0.78682EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.945 views

CVE-2009-0563

Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility Pack for Word, Excel...

9.3CVSS8.1AI score0.77896EPSS
CVE
CVE
added 2009/06/10 6:30 p.m.938 views

CVE-2009-0557

Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility ...

9.3CVSS7.5AI score0.83015EPSS
CVE
CVE
added 2012/05/09 12:55 a.m.171 views

CVE-2012-0167

Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."

9.3CVSS7.9AI score0.65939EPSS
CVE
CVE
added 2012/05/09 12:55 a.m.164 views

CVE-2012-0165

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka "GDI+ Record Type Vulnerability."

9.3CVSS7.5AI score0.62114EPSS
CVE
CVE
added 2012/07/10 9:55 p.m.164 views

CVE-2012-1854

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current wo...

6.9CVSS6.4AI score0.00645EPSS
CVE
CVE
added 2012/05/09 12:55 a.m.157 views

CVE-2012-0159

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411...

9.3CVSS7.4AI score0.6658EPSS
CVE
CVE
added 2013/01/09 6:9 p.m.154 views

CVE-2013-0007

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."

9.3CVSS7.5AI score0.26376EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.133 views

CVE-2009-2528

GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."

9.3CVSS7.2AI score0.43234EPSS
CVE
CVE
added 2008/05/13 10:20 p.m.131 views

CVE-2008-1434

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (CSS) selectors, related to a "memory handling erro...

9.3CVSS7.2AI score0.60485EPSS
CVE
CVE
added 2013/11/13 12:55 a.m.124 views

CVE-2013-1325

Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."

9.3CVSS7.9AI score0.55401EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.119 views

CVE-2009-2500

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...

9.3CVSS7.9AI score0.54154EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.119 views

CVE-2009-3126

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office ...

9.3CVSS9.7AI score0.48214EPSS
CVE
CVE
added 2006/01/10 10:3 p.m.115 views

CVE-2006-0002

Unspecified vulnerability in Microsoft Outlook 2000 through 2003, Exchange 5.0 Server SP2 and 5.5 SP4, Exchange 2000 SP3, and Office allows remote attackers to execute arbitrary code via an e-mail message with a crafted Transport Neutral Encapsulation Format (TNEF) MIME attachment, related to messa...

7.5CVSS7.3AI score0.56178EPSS
CVE
CVE
added 2008/09/11 1:1 a.m.114 views

CVE-2007-5348

Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 20...

9.3CVSS8AI score0.76417EPSS
CVE
CVE
added 2004/09/28 4:0 a.m.112 views

CVE-2004-0200

Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy oper...

9.3CVSS7.6AI score0.75514EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.105 views

CVE-2009-2501

Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP...

9.3CVSS9.7AI score0.42403EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.104 views

CVE-2009-0562

The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 2004 SP3 and 2006 SP1, and Office...

9.3CVSS7.5AI score0.65426EPSS
CVE
CVE
added 2013/01/09 6:9 p.m.101 views

CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

9.3CVSS7.5AI score0.59737EPSS
CVE
CVE
added 2009/07/15 3:30 p.m.98 views

CVE-2009-1136

The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceler...

9.3CVSS7.2AI score0.85958EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.97 views

CVE-2009-2502

Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E...

9.3CVSS9.7AI score0.42434EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.94 views

CVE-2008-3013

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, S...

9.3CVSS7.7AI score0.74609EPSS
CVE
CVE
added 2010/06/08 8:30 p.m.92 views

CVE-2010-1263

Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantia...

9.3CVSS7.4AI score0.4797EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.87 views

CVE-2009-2496

Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Acceleration (ISA) Server 200...

9.3CVSS8AI score0.61262EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.86 views

CVE-2008-3014

Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital ...

9.3CVSS7.8AI score0.71547EPSS
CVE
CVE
added 2006/03/30 11:2 a.m.85 views

CVE-2006-1540

MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a ...

9.3CVSS7.4AI score0.69796EPSS
CVE
CVE
added 2010/05/12 11:46 a.m.84 views

CVE-2010-0815

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via ...

9.3CVSS7.6AI score0.61415EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.83 views

CVE-2009-2503

GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Of...

9.3CVSS9.6AI score0.41156EPSS
CVE
CVE
added 2009/10/14 10:30 a.m.81 views

CVE-2009-2504

Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project...

9.3CVSS9.7AI score0.46054EPSS
CVE
CVE
added 2009/08/12 5:30 p.m.79 views

CVE-2009-1534

Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary code via crafted property values, aka "Office Web ...

9.3CVSS7.8AI score0.7543EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1089

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability."

9.3CVSS7.3AI score0.5085EPSS
CVE
CVE
added 2008/04/08 11:5 p.m.78 views

CVE-2008-1090

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."

9.3CVSS7.3AI score0.59441EPSS
CVE
CVE
added 2013/07/10 3:46 a.m.77 views

CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8,...

9.3CVSS7.3AI score0.44189EPSS
CVE
CVE
added 2006/12/06 8:28 p.m.73 views

CVE-2006-5994

Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vul...

9.3CVSS7.3AI score0.62479EPSS
CVE
CVE
added 2007/01/26 12:28 a.m.73 views

CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a differ...

9.3CVSS7.3AI score0.76277EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.72 views

CVE-2006-3877

Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-20...

9.3CVSS7.1AI score0.55161EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.70 views

CVE-2008-3015

Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 2005 SP2, Report Viewer 2005 SP1 and ...

9.3CVSS8AI score0.71538EPSS
CVE
CVE
added 2008/09/11 1:11 a.m.66 views

CVE-2008-3012

gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, S...

9.3CVSS7.7AI score0.70686EPSS
CVE
CVE
added 2006/12/11 5:28 p.m.65 views

CVE-2006-6456

Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.

9.3CVSS6.7AI score0.62479EPSS
CVE
CVE
added 2013/11/13 12:55 a.m.64 views

CVE-2013-1324

Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."

9.3CVSS7.9AI score0.55401EPSS
CVE
CVE
added 2006/10/10 10:7 p.m.63 views

CVE-2006-2387

Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-386...

5.1CVSS7.1AI score0.3985EPSS
CVE
CVE
added 2007/02/03 1:28 a.m.61 views

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

9.3CVSS7.5AI score0.62106EPSS
CVE
CVE
added 2007/11/20 12:46 a.m.61 views

CVE-2007-6026

Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. ...

9.3CVSS7.3AI score0.69461EPSS
CVE
CVE
added 2008/02/12 11:0 p.m.61 views

CVE-2008-0105

Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability."

9.3CVSS7.3AI score0.7702EPSS
CVE
CVE
added 2006/07/11 9:5 p.m.60 views

CVE-2006-2389

Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, aka "Microsoft Office ...

9.3CVSS7.2AI score0.74233EPSS
Total number of security vulnerabilities122