59 matches found
CVE-2009-2500
This CVE corresponds to MS09-062: GDI+ WMF Integer Overflow Vulnerability. Affected are Microsoft GDI+ image-processing paths used by WMF, PNG, TIFF, BMP handling across Windows components and Office/Viewer products (e.g., IE6, Office suites, Visio, Project, SQL/Report Viewer, Forefront Client Se...
CVE-2009-2528
CVE-2009-2528 is a memory corruption vulnerability in GDI+ used by Microsoft Office XP/2000 when parsing Office Art Property Tables. A crafted Office document can trigger remote code execution. Microsoft Security Bulletin MS09-062 (KB957488) provides patches; apply the MS09-062 updates to remedia...
CVE-2009-3126
CVE-2009-3126 corresponds to the GDI+ PNG Integer Overflow vulnerability described in MS09-062. The issue arises from an integer overflow in GDI+ when processing PNG images, which could allow remote code execution if a user opens a specially crafted image. The vulnerability affects a wide range o...
CVE-2012-0177
CVE-2012-0177 affects the Office Works File Converter in Microsoft Office 2007 SP2, Works 9, and Works 6–9 File Converter. The vulnerability is a heap-based buffer overflow when parsing .wps (Works) files, enabling remote code execution. The attacker could trigger this without user interaction, p...
CVE-2007-5348
The CVE-2007-5348 entry concerns an IMAGE processing vulnerability in Microsoft GDI+ that could enable remote code execution. The connected KB954593 article MS08-052 describes multiple vulnerabilities in GDI+ across Windows and Office components that could be exploited by viewing a specially craf...
CVE-2009-2501
CVE-2009-2501 describes a heap-based buffer overflow in Microsoft GDI+ when processing PNG images, enabling remote code execution via crafted PNGs. Affected software/contexts include Internet Explorer 6 SP1 on Windows XP (SP2/SP3) and various Microsoft Office components and viewers that rely on G...
CVE-2012-2550
Microsoft Works for Windows (Works 9) has a heap overflow/heap memory corruption vulnerability in Word file handling that could allow remote code execution when a user opens a crafted .doc file. An attacker could run arbitrary code subject to the user’s privileges. This is referenced as MS12-065 ...
CVE-2009-2502
CVE-2009-2502 is a GDI+ TIFF buffer overflow vulnerability that could allow remote code execution when processing a specially crafted TIFF image. The vulnerability affects multiple Microsoft products enabled via Internet Explorer 6 SP1, various Windows and Office suites, Viewer components, and re...
CVE-2008-3013
CVE-2008-3013 corresponds to a GDI+ GIF parsing vulnerability. The connected KB954593 (MS08-052) describes remote code execution in Windows GDI+ when a user views a specially crafted GIF, affecting multiple Windows versions and Office components. The underlying issue is memory corruption during G...
CVE-2009-2504
CVE-2009-2504 corresponds to MS09-062: multiple remote code execution vulnerabilities in Windows GDI+ exposed via GDI+ APIs used by .NET Framework and Office components. The issue stems from integer overflows/buffer handling in GDI+, enabling remote code execution when rendering crafted images in...
CVE-2008-3014
CVE-2008-3014 is the GDI+ WMF Buffer Overrun vulnerability. A buffer overflow in gdiplus.dll (GDI+) allows remote code execution when processing a malformed WMF image, affecting multiple Windows and Office components listed in the description (e.g., Internet Explorer 6 SP1 on various Windows vers...
CVE-2009-2503
CVE-2009-2503 is a GDI+ memory corruption vulnerability in Microsoft components that can be triggered by a crafted TIFF image file, enabling remote code execution. The weakness resides in how GDI+ allocates memory when processing TIFFs, affecting a wide range of Windows and Office products listed...
CVE-2006-5994
CVE-2006-5994 is a remote-code-execution vulnerability in Microsoft Word (2000, 2002, Word Viewer 2003, Word 2003, and Word on Mac 2004/2004 v. X; also affects Works 2004–2006). The root cause, per the connected materials, is that Word does not sufficiently validate certain strings when processin...
CVE-2007-0515
CVE-2007-0515 affects Microsoft Word via a Section Table/Table Stream buffer overflow in Word documents. The vulnerability allows memory corruption that, per sources, enabled remote code execution on Word 2000 (and denial of service on Word 2003) when users open a crafted .doc file. Root cause: S...
CVE-2008-3015
CVE-2008-3015 (GDI+ BMP Integer Overflow) describes a vulnerability in gdiplus.dll where a BMP BitMapInfoHeader with malformed data can trigger a buffer overflow, enabling remote code execution. Affected products include Office XP SP3, Office 2003 SP2/SP3, Office 2007, Visio 2002 SP2, PowerPoint ...
CVE-2008-3012
CVE-2008-3012 corresponds to an in-GDI+ memory allocation flaw in gdiplus.dll that could allow remote code execution when a specially crafted EMF image is viewed. Connected docs confirm this as MS08-052, addressing vulnerabilities in GDI+ across Windows and Office components (IE6, Windows XP, Ser...
CVE-2008-4025
CVE-2008-4025 corresponds to a set of Word/RTF parsing vulnerabilities (word memory/RTF object parsing) in Office products where an integer overflow during RTF/Polyline point processing can trigger a heap-based buffer overflow and remote code execution. Affected software includes Word 2000 SP3, 2...
CVE-2004-0848
CVE-2004-0848 corresponds to a buffer overflow in Microsoft Office XP that can allow remote code execution via specially crafted HTML links referencing URL file locations. Connected advisories detail that the overflow occurs in the Office process handling URL file references, enabling arbitrary c...
CVE-2008-4031
CVE-2008-4031 is a remote code execution vulnerability in Microsoft Office Word/Word components caused by a memory corruption during parsing of Rich Text Format (RTF) content. The issue can be triggered when a user opens a specially crafted RTF file or previews a malicious RTF email, potentially ...
CVE-2006-6456
CVE-2006-6456 is a remote code execution flaw in Microsoft Word 2000, Word 2002, Word 2003 and Word Viewer 2003 caused by malformed data structures in Word files. Attackers could exploit via specially crafted Word files (e.g., attachments or web-hosted content) to execute arbitrary code with the ...
CVE-2003-0820
CVE-2003-0820 / CVE-2003-0821 describe buffer overrun and macro security bypass in Microsoft Word and Excel (Word 97–2002, Works Suite 2001–2004). Root cause: improper validation of data lengths in Macro Names (Word) and related macro handling, enabling arbitrary code execution when a user opens ...
CVE-2008-3018
CVE-2008-3021 concerns a memory corruption/vulnerability in Microsoft Office filters when processing malformed PICT images. Affected products include Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, Office Converter Pack, and Works 8. The issue stems from improper handling of PICT image...
CVE-2008-4024
CVE-2008-4024 affects Microsoft Word 2000 SP3, Word 2002 SP3, and Word 2004 for Mac. A remote code execution vulnerability arises when processing a specially crafted Word file containing lcbPlcfBkfSdt in the File Information Block (FIB); this can bypass an initialization step and trigger an arbit...
CVE-2008-4028
CVE-2008-4028 is described in connected advisories as a Word RTF Object Parsing memory corruption/heap overflow vulnerability. It affects Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, 2007 Gold/SP1; Word Viewer 2003; Office Compatibility Pack for Word/Excel/PowerPoint 2007 File Formats Gold...
CVE-2008-4837
CVE-2008-4837 is a Word memory corruption vulnerability (Word Memory Corruption Vulnerability) affecting Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold/SP1, Word Viewer 2003, and related Office components. The issue arises from a stack/memory corruption when processing a crafted Word document w...
CVE-2007-1202
CVE-2007-1202 is the Word RTF Parsing Vulnerability. It affects Word/Word Viewer and related Office products (Office 2000 SP3, Word 2000; Office XP SP3/Word 2002; Office 2003 SP2/Word 2003; Word Viewer 2003; Office 2004 for Mac; Works Suites 2004–2006) where Word mishandles rich text property str...
CVE-2008-4027
CVE-2008-4027 is a remote code execution vulnerability in Microsoft Word/Office applications caused by parsing malformed Rich Text Format (RTF) files. The flaw arises from mishandling consecutive Drawing Object ("\do") tags, leading to memory corruption and potential arbitrary code execution. Aff...
CVE-2010-3947
The CVE-2010-3947 issue is a heap-based buffer overflow in the TIFF Image Converter used by Microsoft Office’s graphics filters, affecting Office XP SP3, Office Converter Pack, and Works 9. A crafted TIFF image can trigger remote code execution via the TIFF import/export filter in Office document...
CVE-2009-2506
The CVE-2009-2506 issue is a memory corruption/heap overflow vulnerability in WordPad and Office text converters when parsing the DocumentSummaryInformation stream of a specially crafted Word 97 DOC file. A remote attacker could execute arbitrary code with the privileges of the logged-on user by ...
CVE-2010-1900
CVE-2010-1900 affects Microsoft Word (various Windows/macOS editions) and related components. A remote-code-execution/memory-corruption flaw arises from Word opening malformed Word files that contain malformed records, enabling an attacker to execute arbitrary code or cause memory corruption on i...
CVE-2007-0027
CVE-2007-0027 affects Microsoft Excel versions including Excel 2000 SP3, 2002 SP3, 2003 SP2, Excel 2004 for Mac, and Excel v.X for Mac. The flaw is a remote code execution due to memory corruption when parsing malformed IMDATA records in BIFF Excel files. An attacker could exploit this by enticin...
CVE-2008-0105
The CVE-2008-0105 entry concerns a remote-code-execution vulnerability in the Microsoft Works File Converter (wkcvqd01.dll) used by Office 2003 (SP2/SP3), Works 6/8. The flaw arises from insufficient validation of the section header index table in .wps files, allowing arbitrary code execution whe...
CVE-2006-6561
CVE-2006-6561 is a memory‑corruption vulnerability in Microsoft Word 2000, Word 2002, and Word Viewer 2003 triggered by a crafted DOC file, enabling remote code execution. The issue is demonstrated via the 12122006-djtest.doc file and is related to other Word memory‑corruption CVEs (e.g., CVE-200...
CVE-2008-3020
CVE-2008-3020 is a remote code execution vulnerability in Microsoft Office filters, specifically in the BMPIMP32.FLT module used by Office BMP import handling. A crafted BMP image with a malformed header (e.g., an excessive number of colors) causes a heap buffer overflow/memory corruption in BMP ...
CVE-2009-0224
CVE-2009-0224 is a Memory Corruption Vulnerability in Microsoft PowerPoint. It affects PowerPoint and related components across Windows and Mac platforms (PowerPoint 2000/2002/2003/2007; PowerPoint Viewer 2003/2007; PowerPoint on Mac 2004/2008; Open XML Converter for Mac; Microsoft Works 8.5/9.0;...
CVE-2007-0030
CVE-2007-0030 is the Excel Malformed Column Record Vulnerability. A memory corruption flaw occurs when parsing the BIFF8 Column field, allowing a remote attacker to execute arbitrary code by convincing a user to open a crafted Excel file. Affected products include Microsoft Excel 2000 SP3, 2002 S...
CVE-2007-0031
CVE-2007-0031 affects Microsoft Excel: heap-based buffer overflow in BIFF8 PALETTE records can allow a user-assisted remote attacker to execute arbitrary code. Vulnerable products include Excel 2000 SP3, 2002 SP3, 2003 SP2, and Mac versions (2004 for Mac, v.X for Mac). The flaw is triggered by op...
CVE-2007-0035
CVE-2007-0035 is the Word Array Overflow vulnerability in Microsoft Word/Word Viewer across Office 2000 SP3, XP SP3, 2003 SP2, Word 2004 for Mac, and Works Suite 2004–2006. The issue arises from improper handling of data in a certain array, enabling user-assisted remote code execution when a craf...
CVE-2008-0108
CVE-2008-0108 is a remote code execution vulnerability in Microsoft Works File Converter (wkcvqd01.dll) used to convert .wps files to Rich Text. The root cause is improper validation of field lengths in the Works File Converter, leading to a stack-based buffer overflow when handling crafted field...
CVE-2008-4026
CVE-2008-4026 is a remote-code-execution vulnerability in Microsoft Word handling crafted Word files that contain a malformed value, triggering memory corruption. Affected products include Word 2000 SP3, 2002 SP3, 2003 SP3, 2007 (Gold and SP1), Word Viewer 2003 SP3, Office Compatibility Pack for ...
CVE-2000-0419
The Office 2000 UA ActiveX control is described as wrongly marked “safe for scripting.” This vulnerability allows an intruder to script interactions through the control’s Show Me feature, potentially disabling macro warnings and enabling arbitrary actions within Office applications (e.g., launchi...
CVE-2006-0009
CVE-2006-0009 is the Office routing slip remote code execution vulnerability. A buffer/memory corruption occurs when parsing a routing slip in an Office document, potentially allowing arbitrary code execution. Affected products include Microsoft Office 2000 SP3, Office XP SP3, and related PowerPo...
CVE-2007-0028
CVE-2007-0028 affects multiple Excel variants: Excel 2000, 2002, 2003, Excel Viewer 2003, Office 2004 for Mac, and Office v.X for Mac. The vulnerability stems from improper handling of certain opcodes during Excel file parsing, which can corrupt memory and allow user‑assisted remote attackers to ...
CVE-2009-1533
Buffer overflow in the Microsoft Works File Converter (part of Office/Works Converters) when processing Works (.wps) files can lead to remote code execution. Affected products/versions include Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, Office 2007 SP1, and Works 8.5 and 9. Root ca...
CVE-2010-3950
The CVE-2010-3950 issue affects Microsoft Office XP SP3, Office Converter Pack, and Works 9, where the TIFF Image Converter in the graphics filters mishandles TIFF data during endian conversion, causing memory corruption. This leads to remote code execution or a crash via a crafted TIFF image emb...
CVE-2003-0664
Microsoft Word 2000/97/98(J)/2002 contains a vulnerability where Word’s macro-security checks fail for certain document properties, allowing a malicious document to bypass macro security and automatically execute arbitrary macros. Impact: remote code execution likely under the user’s privileges w...
CVE-2003-0821
CVE-2003-0821 covers a remote-code-execution vulnerability in Microsoft Excel 97, 2000, and 2002 due to a malicious Excel 4/XLM macro that bypasses the macro security model. Affected products could execute arbitrary code when a user opens a specially crafted spreadsheet, with the attacker potenti...
CVE-2007-0029
CVE-2007-0029 is the Excel Malformed String Vulnerability affecting Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and Excel 2004/Mac (and Excel v.X for Mac). The issue allows user-assisted remote attackers to achieve arbitrary code execution by parsing a malformed string in Excel files. Microsoft...
CVE-2007-0209
CVE-2007-0209 corresponds to the Word Malformed Drawing Object Vulnerability. A remote code execution flaw exists in Microsoft Word when parsing a malformed drawing object, potentially allowing arbitrary code execution via a specially crafted Word file. Affected products include Microsoft Word 20...
CVE-2008-3021
CVE-2008-3021 affects Microsoft Office products (Office 2000 SP3, XP SP3, 2003 SP2, Office Converter Pack, Works 8) where the PICT image filter parses the length of PICT files. The root cause is a memory/length handling issue in the PICT filter, leading to remote code execution when a crafted PIC...