Total
849 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2007-2903 | 1 Microsoft | 1 Office | 2024-11-21 | 5.0 MEDIUM | N/A |
Buffer overflow in the HelpPopup method in the Microsoft Office 2000 Controllo UA di Microsoft Office ActiveX control (OUACTRL.OCX) 1.0.1.9 allows remote attackers to cause a denial of service (probably winhlp32.exe crash) via a long first argument. NOTE: it is not clear whether this issue crosses privilege boundaries. | |||||
CVE-2007-2224 | 1 Microsoft | 5 Office, Visual Basic, Windows 2000 and 2 more | 2024-11-21 | 9.3 HIGH | N/A |
Object linking and embedding (OLE) Automation, as used in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Office 2004 for Mac, and Visual Basic 6.0 allows remote attackers to execute arbitrary code via the substringData method on a TextNode object, which causes an integer overflow that leads to a buffer overflow. | |||||
CVE-2007-2223 | 1 Microsoft | 11 Expression Web, Office, Office Compatibility Pack and 8 more | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. | |||||
CVE-2007-1756 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability". | |||||
CVE-2007-1747 | 1 Microsoft | 1 Office | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. | |||||
CVE-2007-1238 | 1 Microsoft | 1 Office | 2024-11-21 | 4.3 MEDIUM | N/A |
Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file. | |||||
CVE-2007-1201 | 1 Microsoft | 5 Biztalk Server, Commerce Server, Internet Security And Acceleration Server and 2 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." | |||||
CVE-2007-0936 | 1 Microsoft | 2 Office, Visio | 2024-11-21 | 9.3 HIGH | N/A |
Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability." | |||||
CVE-2007-0671 | 1 Microsoft | 14 Access, Excel, Excel Viewer and 11 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | |||||
CVE-2007-0515 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. | |||||
CVE-2007-0216 | 1 Microsoft | 2 Office, Works | 2024-11-21 | 9.3 HIGH | N/A |
wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." | |||||
CVE-2007-0215 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2024-11-21 | 7.6 HIGH | N/A |
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption. | |||||
CVE-2007-0209 | 1 Microsoft | 2 Office, Works | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption. | |||||
CVE-2007-0208 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. | |||||
CVE-2007-0065 | 1 Microsoft | 6 Office, Visual Basic, Windows 2000 and 3 more | 2024-11-21 | 10.0 HIGH | N/A |
Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. | |||||
CVE-2007-0035 | 1 Microsoft | 2 Office, Works | 2024-11-21 | 9.3 HIGH | N/A |
Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability." | |||||
CVE-2007-0034 | 1 Microsoft | 2 Office, Outlook | 2024-11-21 | 9.3 HIGH | N/A |
Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability." | |||||
CVE-2007-0033 | 1 Microsoft | 2 Office, Outlook | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file. | |||||
CVE-2007-0031 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries. | |||||
CVE-2007-0030 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2024-11-21 | 9.3 HIGH | N/A |
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. |