Lucene search
K
MicrosoftOpen Xml File Format Converter

81 matches found

CVE
CVE
added 2010/11/10 1:0 a.m.1323 views

CVE-2010-3333

CVE-2010-3333 is a stack-based buffer overflow in Microsoft Office’s RTF parser (pFragments shape property) that enables remote code execution via crafted RTF data. Affected products include Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office for Mac 2004/2008, Office for Mac 201...

9.3CVSS8.1AI score0.89497EPSS
In wild
CVE
CVE
added 2009/11/11 7:0 p.m.1004 views

CVE-2009-3129

CVE-2009-3129 concerns a remote-code-execution vulnerability in Microsoft Office Excel and related components caused by a FEATHEADER record with an invalid cbHdrData size that affects a pointer offset. Affected products include Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Open XML File Format Converte...

9.3CVSS7.5AI score0.85731EPSS
In wild
CVE
CVE
added 2009/06/10 5:37 p.m.995 views

CVE-2009-0563

CVE-2009-0563 is a Stack-based buffer overflow in Microsoft Word components that allows remote code execution when a user opens a crafted Word document with an invalid length field. Affected products include Word 2002 SP3, 2003 SP3, Word 2007 SP1/SP2, Office for Mac 2004/2008, Open XML File Forma...

9.3CVSS8.1AI score0.63081EPSS
In wild
CVE
CVE
added 2009/06/10 6:0 p.m.992 views

CVE-2009-0557

CVE-2009-0557 describes an Object Record Corruption vulnerability in Microsoft Office Excel across multiple platforms (Office 2000 SP3, XP SP3, 2003 SP3, Mac editions, and Excel Viewer/Compatibility Pack). The root cause is a malformed record object in an Excel file, enabling remote code executio...

9.3CVSS7.5AI score0.58551EPSS
In wild
CVE
CVE
added 2009/06/10 5:37 p.m.193 views

CVE-2009-0565

CVE-2009-0565 is a Word buffer-overflow vulnerability caused by a malformed record (Sprm) in Word documents, leading to remote code execution. Affected products include Microsoft Word 2000 SP3, 2002 SP3, 2007 SP1/SP2, Word for Mac 2004/2008, Open XML File Format Converter for Mac, and Office Comp...

9.3CVSS7.8AI score0.40503EPSS
CVE
CVE
added 2011/09/15 10:0 a.m.158 views

CVE-2011-1988

Microsoft Excel heap memory corruption vulnerability (MS11-072) tied to parsing BIFF2 records in Excel files can allow remote code execution. Affected products include Excel 2003 SP3, 2007 SP2, Office 2007 SP2, Office for Mac variants, Open XML Converter for Mac, Excel Viewer SP2, and related Mac...

9.3CVSS7.4AI score0.18609EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.147 views

CVE-2009-3130

CVE-2009-3130 corresponds to the Excel Document Parsing Heap Overflow vulnerability. Affected software includes Microsoft Office Excel 2002 SP3, Excel 2003 and newer on Windows via BIFF parsing, and Office for Mac variants plus the Open XML File Format Converter for Mac. The root cause is imprope...

9.3CVSS7.7AI score0.28934EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.147 views

CVE-2011-0097

CVE-2011-0097 is a Microsoft Excel integer-overflow in the 400h substream parsing that can trigger a stack-based buffer overflow and remote code execution. Affected are Excel on Windows (2002 SP3/2003 SP3/2007 SP2/2010) and Mac variants, plus related File Format converters/viewers. The vulnerabil...

9.3CVSS7.6AI score0.38221EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.138 views

CVE-2011-1273

Microsoft Excel (Windows: 2002/2003/2007/2010; Mac: 2004/2008/2011; Open XML Converter for Mac; Excel Viewer; Office Compatibility Pack) is affected by CVE-2011-1273 due to improper validation/parsing of Excel records. Multiple advisories attribute the issue to parsing errors (record-type handlin...

9.3CVSS7.6AI score0.16968EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.101 views

CVE-2011-0105

CVE-2011-0105 describes a buffer overflow in Microsoft Excel-related components caused by obtaining a length value from an uninitialized memory location, enabling remote code execution via a crafted Excel file. Affected products listed in the provided sources include Excel 2002 SP3, Office for Ma...

9.3CVSS7.8AI score0.71129EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.99 views

CVE-2010-0822

CVE-2010-0822 describes a stack-based overflow in Excel’s object (OBJ) record parser. The vulnerability permits remote code execution via a specially crafted Excel file and affects Excel 2002 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac (per the initial entry). Public...

9.3CVSS7.9AI score0.70121EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.99 views

CVE-2011-0655

CVE-2011-0655 affects Microsoft PowerPoint and related Office components. The vulnerability arises when PowerPoint reads an invalid TimeColorBehaviorContainer Floating Point record in a PowerPoint file, with insufficient validation allowing remote code execution or memory corruption. Affected pro...

9.3CVSS7.6AI score0.22593EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.98 views

CVE-2010-0821

CVE-2010-0821 is identified in connected advisories as the Excel SXVIEW record parsing memory corruption vulnerability. It allows remote code execution if a user opens a specially crafted Excel file, due to improper parsing of SXVIEW structures. Exploitation requires user interaction (opening a c...

9.3CVSS7.5AI score0.24265EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.93 views

CVE-2010-1245

CVE-2010-1245 is a remote code execution vulnerability in Microsoft Office Excel involving a malformed SxView record that could be triggered by opening a crafted Excel file. Affected products include Excel 2002 SP3, Excel 2004 for Mac, Excel 2008 for Mac, and the Open XML File Format Converter fo...

9.3CVSS7.5AI score0.22356EPSS
CVE
CVE
added 2011/04/13 6:0 p.m.92 views

CVE-2011-0098

CVE-2011-0098 corresponds to a remote code execution vulnerability in Microsoft Office Excel. The issue is a buffer/heap overflow in parsing the Label record (Excel file format), allowing remote attackers to run arbitrary code by convincing a user to open a malicious XLS file. Affected products i...

9.3CVSS7.6AI score0.30499EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.91 views

CVE-2010-0257

CVE-2010-0257 is a remote code execution vulnerability in Microsoft Excel 2002 SP3 and Excel XP related to memory corruption when processing EntExU2 records in a crafted Excel file. Exploitation could allow an attacker to take full control of the affected system by convincing a user to open a mal...

9.3CVSS7.7AI score0.18587EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.90 views

CVE-2009-3127

CVE-2009-3127 (Excel Cache Memory Corruption) is a remote code execution vulnerability in Microsoft Office Excel variants: Excel 2002 SP3, 2003 SP3, 2004/2008 for Mac, Open XML File Format Converter for Mac, and Excel Viewer 2003 SP3. It stems from improper parsing of the Excel file format, allow...

9.3CVSS7.3AI score0.25075EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.90 views

CVE-2009-3135

Microsoft Word Remote Code Execution (CVE-2009-3135) affects Word 2002 SP3, Word 2003 SP3, Word 2004/2008 for Mac, Open XML File Format Converter for Mac, Word Viewer 2003 SP3, and Word Viewer. The vulnerability is a stack-based buffer overflow in Word’s File Information Block (FIB) parsing, whic...

9.3CVSS7.8AI score0.35792EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.87 views

CVE-2011-0980

CVE-2011-0980 corresponds to a memory corruption flaw in Microsoft Office that arises when parsing Office Art objects, enabling remote code execution via a crafted file. It affects Excel/Office components across Windows and Mac builds listed in the initial document (Excel 2002/2003, Office for Ma...

9.3CVSS7.6AI score0.26374EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.85 views

CVE-2008-4264

CVE-2008-4264 is a remote code execution vulnerability in Microsoft Office Excel (various Windows/macOS Excel versions) caused by pointer corruption while loading Excel formulas from a crafted file. The issue, also described as a File Format Parsing Vulnerability , could allow an attacker to take...

9.3CVSS7.3AI score0.25541EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.83 views

CVE-2008-4019

CVE-2008-4019 is an integer overflow in Excel’s REPT function used when parsing a formula within a cell, affecting multiple Windows and Mac Excel versions (e.g., 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1) and related viewers/compat packs. The vulnerability allows remote code execution if a ...

9.3CVSS7.5AI score0.34415EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.83 views

CVE-2008-4025

CVE-2008-4025 corresponds to a set of Word/RTF parsing vulnerabilities (word memory/RTF object parsing) in Office products where an integer overflow during RTF/Polyline point processing can trigger a heap-based buffer overflow and remote code execution. Affected software includes Word 2000 SP3, 2...

9.3CVSS7.7AI score0.32943EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.83 views

CVE-2010-0263

CVE-2010-0263 concerns Microsoft Office Excel XLSX File Parsing Code Execution. The vulnerability arises from insufficient validation of ZIP headers during decompression of Open XML XLSX documents, enabling remote code execution via a crafted file that accesses uninitialized memory. Affected soft...

9.3CVSS7.8AI score0.25692EPSS
CVE
CVE
added 2009/11/11 7:0 p.m.82 views

CVE-2009-3128

CVE-2009-3128 describes a remote code execution vulnerability in Microsoft Office Excel via a malformed SxView record in Excel files. Affects Excel 2002 SP3, Excel 2003 SP3, and Excel Viewer 2003 SP3; exploitation leads to arbitrary code execution with the attacker gaining the user’s privileges. ...

9.3CVSS7.3AI score0.24879EPSS
CVE
CVE
added 2011/02/10 6:0 p.m.82 views

CVE-2011-0979

CVE-2011-0979 affects Microsoft Excel and related Office components (including Mac versions) where errors parsing Office Art records in Excel spreadsheets allow remote code execution via a malformed object record (stray reference). Root cause is improper error handling during parsing of Office Ar...

9.3CVSS7.5AI score0.26523EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.81 views

CVE-2009-3132

CVE-2009-3132 is the Excel Index Parsing Vulnerability: a remote-code-execution flaw in Microsoft Office Excel where pointer corruption occurs while parsing Excel formulas/indices in affected Office Excel versions (Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, plus Mac variants and viewers). A crafted ...

9.3CVSS7.4AI score0.25883EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.81 views

CVE-2010-1249

CVE-2010-1249 is a memory corruption vulnerability in Microsoft Office Excel related to processing malformed ExternalName (record type 0x23) in Excel files, enabling remote code execution when a user opens a crafted file. Affected products per the CVE entry and linked advisories include Excel 200...

9.3CVSS7.8AI score0.24781EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.81 views

CVE-2010-1901

CVE-2010-1901 affects Microsoft Word and related Office components (Word 2002 SP3, 2003 SP3, 2007 SP2; Mac: Office 2004/2008, Open XML Converter for Mac, Word Viewer, Compatibility Pack SP2) where the RTF parsing engine mishandles unspecified properties in rich text data, causing a memory corrupt...

9.3CVSS7.7AI score0.19399EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.81 views

CVE-2010-3232

CVE-2010-3232 covers multiple Microsoft Office Excel-related parsing flaws: Excel record parsing vulnerabilities that allow remote code execution when opening specially crafted Excel files. The root cause is improper validation/handling of record information in the Excel file format, leading to m...

9.3CVSS7.6AI score0.21413EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.80 views

CVE-2008-4031

CVE-2008-4031 is a remote code execution vulnerability in Microsoft Office Word/Word components caused by a memory corruption during parsing of Rich Text Format (RTF) content. The issue can be triggered when a user opens a specially crafted RTF file or previews a malicious RTF email, potentially ...

9.3CVSS7.4AI score0.2339EPSS
CVE
CVE
added 2010/03/10 10:0 p.m.80 views

CVE-2010-0262

CVE-2010-0262 describes a remote code execution vulnerability in Microsoft Office Excel stemming from an uninitialized memory access in the FNGROUPNAME record during parsing of Excel files. The issue could let an attacker execute arbitrary code with the privileges of the user who opens a crafted ...

9.3CVSS7.7AI score0.21256EPSS
CVE
CVE
added 2008/10/15 12:0 a.m.79 views

CVE-2008-3471

CVE-2008-3471 is a stack-based buffer overflow in Microsoft Excel’s BIFF file format parsing, triggered by a malformed record in a .xls file. Affected products include Excel 2000 SP3, 2002 SP3, 2003 SP2/SP3, 2007 Gold/SP1, Excel Viewer (2003 SP3) and related Mac components, as well as the Open XM...

9.3CVSS7.8AI score0.52318EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.79 views

CVE-2009-0561

The CVE-2009-0561 issue is a heap-based buffer overflow in Microsoft Excel triggered while parsing a Shared String Table (SST) record when a numeric field specifies an invalid number of unique strings. Affects multiple Windows/macOS Excel versions across Office 2000–2008 and related viewers/compa...

9.3CVSS7.9AI score0.36897EPSS
CVE
CVE
added 2009/11/11 8:0 p.m.78 views

CVE-2009-3134

CVE-2009-3134 is the Excel Field Sanitization Vulnerability. It affects Microsoft Office Excel components across Windows and Mac platforms listed in the entries, including Excel 2002 SP3, 2003 SP3, 2007 SP1/SP2, Office 2004/2008 for Mac, Open XML Converter for Mac, Excel Viewer SKUs, and the Offi...

9.3CVSS7.4AI score0.25777EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.77 views

CVE-2008-4024

CVE-2008-4024 affects Microsoft Word 2000 SP3, Word 2002 SP3, and Word 2004 for Mac. A remote code execution vulnerability arises when processing a specially crafted Word file containing lcbPlcfBkfSdt in the File Information Block (FIB); this can bypass an initialization step and trigger an arbit...

9.3CVSS7.2AI score0.28876EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.77 views

CVE-2010-1250

CVE-2010-1250 is a remote code execution vulnerability in Microsoft Office Excel, caused by a heap overflow when parsing malformed EDG (0x88) and Publisher (0x89) records. Affects Excel 2002 SP3, Excel for Mac (2004, 2008), and Open XML File Format Converter for Mac. Microsoft MS10-038 addresses ...

9.3CVSS8.1AI score0.23843EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.76 views

CVE-2008-4028

CVE-2008-4028 is described in connected advisories as a Word RTF Object Parsing memory corruption/heap overflow vulnerability. It affects Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, 2007 Gold/SP1; Word Viewer 2003; Office Compatibility Pack for Word/Excel/PowerPoint 2007 File Formats Gold...

9.3CVSS7.5AI score0.38057EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.76 views

CVE-2008-4837

CVE-2008-4837 is a Word memory corruption vulnerability (Word Memory Corruption Vulnerability) affecting Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold/SP1, Word Viewer 2003, and related Office components. The issue arises from a stack/memory corruption when processing a crafted Word document w...

9.3CVSS7.7AI score0.37422EPSS
CVE
CVE
added 2010/10/13 6:0 p.m.76 views

CVE-2010-3214

The CVE-2010-3214 entry maps to a stack-based buffer overflow in Microsoft Word triggered by parsing specific Word structures (UPX data) in crafted Word documents, enabling remote code execution. Affected products include Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Word for Mac 2004 and 2008; th...

9.3CVSS7.9AI score0.24787EPSS
CVE
CVE
added 2010/11/10 1:0 a.m.76 views

CVE-2010-3336

CVE-2010-3336 is a remote code execution vulnerability in Microsoft Office (MSO Large SPID Read AV Vulnerability). The MS10-087 bulletin documents this family of Office memory-corruption flaws, affecting Office XP SP3, Office 2003/2004/2007/2010 on Windows, Office for Mac 2011, and Open XML File ...

9.3CVSS7.6AI score0.23915EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.76 views

CVE-2011-1272

Summary (CVE-2011-1272) : This vulnerability affects Microsoft Excel and related components (Excel 2002 SP3, 2003 SP3, 2007 SP2; Office 2004/2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack SP2) and is caused by improper validation of record struct...

9.3CVSS7.5AI score0.17592EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.75 views

CVE-2011-1275

CVE-2011-1275 affects Microsoft Excel components across Windows/macOS environments (Excel 2002 SP3; Office 2004/2008/2011 for Mac; Open XML File Format Converter for Mac). The issue arises from improper validation of record information during Excel file parsing, causing a memory handling error th...

9.3CVSS7.7AI score0.1332EPSS
CVE
CVE
added 2008/12/10 1:33 p.m.74 views

CVE-2008-4027

CVE-2008-4027 is a remote code execution vulnerability in Microsoft Word/Office applications caused by parsing malformed Rich Text Format (RTF) files. The flaw arises from mishandling consecutive Drawing Object ("\do") tags, leading to memory corruption and potential arbitrary code execution. Aff...

9.3CVSS7.3AI score0.33906EPSS
CVE
CVE
added 2011/06/16 8:21 p.m.74 views

CVE-2011-1274

Vulnerability CVE-2011-1274 affects Microsoft Excel and related Office components across multiple platforms (Excel 2002/2003/2007; Office for Mac 2004/2008; Excel Viewer; Open XML Converter for Mac; Office Compatibility Pack). The issue arises when parsing certain Excel record structures, where i...

9.3CVSS7.6AI score0.1332EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.73 views

CVE-2010-1900

CVE-2010-1900 affects Microsoft Word (various Windows/macOS editions) and related components. A remote-code-execution/memory-corruption flaw arises from Word opening malformed Word files that contain malformed records, enabling an attacker to execute arbitrary code or cause memory corruption on i...

9.3CVSS7.6AI score0.39813EPSS
CVE
CVE
added 2011/05/13 5:0 p.m.73 views

CVE-2011-1269

CVE-2011-1269 affects Microsoft PowerPoint and related Office components on Windows and Mac (PowerPoint 2002/2003/2007; Office for Mac 2004/2008; Open XML Converter for Mac; Office Compatibility Pack). The root cause is unspecified function calls during file parsing that mishandle memory, leading...

9.3CVSS7.7AI score0.14883EPSS
CVE
CVE
added 2009/06/10 6:0 p.m.71 views

CVE-2009-0558

CVE-2009-0558 is an Array Indexing Memory Corruption Vulnerability in Microsoft Office Excel parsing code that can be triggered by a specially crafted Excel file. It affects Microsoft Office/Excel on Mac (Office 2004 and 2008 for Mac) and the Open XML File Format Converter for Mac, as well as Exc...

9.3CVSS7.5AI score0.3107EPSS
CVE
CVE
added 2010/06/08 8:0 p.m.71 views

CVE-2010-1253

CVE-2010-1253 is a remote-code-execution vulnerability in Microsoft Excel related to parsing DBQueryExt records (Excel ADO Object Vulnerability). The issue affects Excel on Windows platforms (Excel 2002 SP3; Excel 2007 SP1/SP2) and Excel on Mac (Office for Mac 2004/2008) plus Open XML File Format...

9.3CVSS7.5AI score0.25692EPSS
CVE
CVE
added 2010/08/11 6:0 p.m.71 views

CVE-2010-2562

CVE-2010-2562 affects Microsoft Office Excel and components on Windows and Mac: Excel 2002 SP3/2003 SP3, Office 2004/2008 for Mac, and Open XML File Format Converter for Mac. The root cause is a parsing logic error in the Excel file format, leading to a memory corruption vulnerability that can al...

9.3CVSS7.7AI score0.17612EPSS
CVE
CVE
added 2010/11/10 1:0 a.m.71 views

CVE-2010-3335

CVE-2010-3335 affects Microsoft Office suites (Windows and Mac) and the Open XML File Format Converter for Mac. It exploits a use-after-free/memory-corruption in Office Art record handling during exception processing, enabling remote code execution when users open a specially crafted Excel docume...

9.3CVSS7.4AI score0.23915EPSS
Total number of security vulnerabilities81