Total
318 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3158 | 1 Microsoft | 1 Excel | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
CVE-2013-1315 | 1 Microsoft | 9 Excel, Excel Viewer, Office and 6 more | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||
CVE-2012-1887 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability." | |||||
CVE-2012-1886 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." | |||||
CVE-2012-5672 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2024-02-28 | 4.3 MEDIUM | N/A |
Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data. | |||||
CVE-2012-0185 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2024-02-28 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling of memory during opening, aka "Excel MergeCells Record Heap Overflow Vulnerability." | |||||
CVE-2012-0141 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel File Format Memory Corruption Vulnerability." | |||||
CVE-2012-1847 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Series Record Parsing Type Mismatch Could Result in Remote Code Execution Vulnerability." | |||||
CVE-2012-2543 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability." | |||||
CVE-2012-0184 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SXLI Record Memory Corruption Vulnerability." | |||||
CVE-2013-3890 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." | |||||
CVE-2013-3159 | 1 Microsoft | 1 Excel | 2024-02-28 | 4.3 MEDIUM | N/A |
Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." | |||||
CVE-2010-3233 | 1 Microsoft | 1 Excel | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2002 SP3 and 2003 SP3 does not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted .wk3 (aka Lotus 1-2-3 workbook) file, aka "Lotus 1-2-3 Workbook Parsing Vulnerability." | |||||
CVE-2010-3241 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in Parsing Vulnerability." | |||||
CVE-2011-0101 | 1 Microsoft | 1 Excel | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability." | |||||
CVE-2010-2562 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel file, aka "Excel Memory Corruption Vulnerability." | |||||
CVE-2010-1246 | 1 Microsoft | 1 Excel | 2024-02-28 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Microsoft Office Excel 2002 SP3 allows remote attackers to execute arbitrary code via an Excel file with a malformed RTD (0x813) record, aka "Excel RTD Memory Corruption Vulnerability." | |||||
CVE-2011-1986 | 1 Microsoft | 1 Excel | 2024-02-28 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability." | |||||
CVE-2011-1273 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability." | |||||
CVE-2011-0105 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2024-02-28 | 9.3 HIGH | N/A |
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability." |