Word Security Vulnerabilities and Issues — Word CVE List

Lucene search

MicrosoftWord

8 matches found

CVE•added 2007/01/26 12:28 a.m.•73 views

CVE-2007-0515

Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a differ...

9.3CVSS7.3AI score0.76277EPSS

CVE•added 2007/05/08 11:19 p.m.•62 views

CVE-2007-1202

Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrar...

6.8CVSS7.3AI score0.58163EPSS

CVE•added 2007/02/03 1:28 a.m.•61 views

CVE-2007-0671

Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.

9.3CVSS7.5AI score0.62106EPSS

CVE•added 2007/04/10 11:19 p.m.•61 views

CVE-2007-1910

Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.

6.8CVSS7.8AI score0.36367EPSS

CVE•added 2007/02/11 9:28 p.m.•57 views

CVE-2007-0870

Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.

7.6CVSS6.2AI score0.76277EPSS

CVE•added 2007/04/10 11:19 p.m.•46 views

CVE-2007-1911

Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow.

7.1CVSS7.2AI score0.1355EPSS

CVE•added 2007/02/13 9:28 p.m.•40 views

CVE-2007-0208

Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.

9.3CVSS7.2AI score0.57631EPSS

CVE•added 2007/10/09 10:17 p.m.•38 views

CVE-2007-3899

Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability."

9.3CVSS7.5AI score0.51546EPSS