Office Security Vulnerabilities and Issues — Office CVE List

Lucene search

MicrosoftOffice

10 matches found

CVE•added 2007/01/26 12:28 a.m.•73 views

CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a differ...

9.3CVSS7.3AI score0.76499EPSS

CVE•added 2007/01/09 11:28 p.m.•53 views

CVE-2007-0029

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."

9.3CVSS7.6AI score0.55516EPSS

CVE•added 2007/01/09 11:28 p.m.•53 views

CVE-2007-0031

Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.

9.3CVSS7.7AI score0.75533EPSS

CVE•added 2007/01/09 10:28 p.m.•52 views

CVE-2007-0027

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.

9.3CVSS7.6AI score0.58051EPSS

CVE•added 2007/01/09 11:28 p.m.•49 views

CVE-2007-0028

Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an ear...

9.3CVSS7.4AI score

CVE•added 2007/01/09 11:28 p.m.•49 views

CVE-2007-0030

Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.

9.3CVSS7.4AI score0.5863EPSS

CVE•added 2007/01/09 11:28 p.m.•49 views

CVE-2007-0033

Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file.

9.3CVSS7.4AI score0.59958EPSS

CVE•added 2007/01/09 11:0 p.m.•47 views

CVE-2006-1305

Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.

4.3CVSS6.6AI score0.51445EPSS

CVE•added 2007/01/09 10:0 p.m.•41 views

CVE-2006-5574

Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.

9.3CVSS7.6AI score0.39159EPSS

CVE•added 2007/01/09 11:28 p.m.•39 views

CVE-2007-0034

Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."

9.3CVSS7.5AI score0.62591EPSS