Vulnerabilities (CVE)

Filtered by vendor Microsoft Subscribe
Filtered by product Excel
Total 324 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3068 1 Microsoft 17 Access, Excel, Frontpage and 14 more 2024-11-21 7.5 HIGH N/A
Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension.
CVE-2008-0117 1 Microsoft 4 Compatibility Pack Word Excel Powerpoint 2007, Excel, Excel Viewer and 1 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability."
CVE-2008-0116 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2024-11-21 9.3 HIGH N/A
Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability."
CVE-2008-0115 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability."
CVE-2008-0114 1 Microsoft 3 Excel, Excel Viewer, Office 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.
CVE-2008-0112 1 Microsoft 2 Excel, Office 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."
CVE-2008-0111 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."
CVE-2008-0081 1 Microsoft 3 Excel, Excel Viewer, Office 2024-11-21 9.3 HIGH 9.8 CRITICAL
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490.
CVE-2007-3890 1 Microsoft 2 Excel, Office 2024-11-21 9.3 HIGH N/A
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
CVE-2007-3490 1 Microsoft 1 Excel 2024-11-21 7.5 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2003 SP2 allows remote attackers to have an unknown impact via unspecified vectors, possibly related to the sheet name, as demonstrated by 2670.xls.
CVE-2007-3030 1 Microsoft 2 Excel, Excel Viewer 2024-11-21 7.6 HIGH N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnerability".
CVE-2007-3029 1 Microsoft 2 Excel, Office 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2002 SP3 and 2003 SP2 allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file containing multiple active worksheets, which results in memory corruption.
CVE-2007-1756 1 Microsoft 3 Excel, Excel Viewer, Office 2024-11-21 9.3 HIGH N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability".
CVE-2007-1239 1 Microsoft 1 Excel 2024-11-21 4.3 MEDIUM N/A
Microsoft Excel 2003 does not properly parse .XLS files, which allows remote attackers to cause a denial of service (application crash) via a file with a (1) corrupted XML format or a (2) corrupted XLS format, which triggers a NULL pointer dereference.
CVE-2007-1214 1 Microsoft 2 Excel, Excel Viewer 2024-11-21 6.8 MEDIUM N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption.
CVE-2007-1203 1 Microsoft 2 Excel, Excel Viewer 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption.
CVE-2007-0671 1 Microsoft 14 Access, Excel, Excel Viewer and 11 more 2024-11-21 9.3 HIGH N/A
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
CVE-2007-0215 1 Microsoft 3 Excel, Excel Viewer, Office 2024-11-21 7.6 HIGH N/A
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.
CVE-2007-0031 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2024-11-21 9.3 HIGH N/A
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.
CVE-2007-0030 1 Microsoft 4 Excel, Excel Viewer, Office and 1 more 2024-11-21 9.3 HIGH N/A
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.