Total
834 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2002-0619 | 1 Microsoft | 1 Office | 2024-02-28 | 7.5 HIGH | N/A |
The Mail Merge Tool in Microsoft Word 2002 for Windows, when Microsoft Access is present on a system, allows remote attackers to execute Visual Basic (VBA) scripts within a mail merge document that is saved in HTML format, aka a "Variant of MS00-071, Word Mail Merge Vulnerability" (CVE-2000-0788). | |||||
CVE-2004-0846 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 7.5 HIGH | N/A |
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | |||||
CVE-2003-0347 | 1 Microsoft | 4 Office, Project, Visio and 1 more | 2024-02-28 | 10.0 HIGH | N/A |
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter. | |||||
CVE-2004-0200 | 1 Microsoft | 24 .net Framework, Digital Image Pro, Digital Image Suite and 21 more | 2024-02-28 | 9.3 HIGH | N/A |
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | |||||
CVE-2002-0152 | 1 Microsoft | 6 Entourage, Excel, Ie and 3 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. X and 2001, PowerPoint v. X, 2001, and 98, and Excel v. X and 2001 for Macintosh. | |||||
CVE-1999-1259 | 1 Microsoft | 1 Office | 2024-02-28 | 2.1 LOW | N/A |
Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information. | |||||
CVE-2002-0616 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 5.1 MEDIUM | N/A |
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | |||||
CVE-2002-0618 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 7.5 HIGH | N/A |
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | |||||
CVE-2004-0573 | 1 Microsoft | 5 Frontpage, Office, Publisher and 2 more | 2024-02-28 | 7.5 HIGH | N/A |
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. | |||||
CVE-1999-0794 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 4.6 MEDIUM | N/A |
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | |||||
CVE-2002-0862 | 2 Apple, Microsoft | 10 Macos, Internet Explorer, Office and 7 more | 2024-02-28 | 6.8 MEDIUM | N/A |
The (1) CertGetCertificateChain, (2) CertVerifyCertificateChainPolicy, and (3) WinVerifyTrust APIs within the CryptoAPI for Microsoft products including Microsoft Windows 98 through XP, Office for Mac, Internet Explorer for Mac, and Outlook Express for Mac, do not properly verify the Basic Constraints of intermediate CA-signed X.509 certificates, which allows remote attackers to spoof the certificates of trusted sites via a man-in-the-middle attack for SSL sessions, as originally reported for Internet Explorer and IIS. | |||||
CVE-2002-0617 | 1 Microsoft | 2 Excel, Office | 2024-02-28 | 5.1 MEDIUM | N/A |
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass." | |||||
CVE-2002-1716 | 1 Microsoft | 1 Office | 2024-02-28 | 5.0 MEDIUM | N/A |
The Host() function in the Microsoft spreadsheet component on Microsoft Office XP allows remote attackers to create arbitrary files using the SaveAs capability. | |||||
CVE-2004-0121 | 1 Microsoft | 2 Office, Outlook | 2024-02-28 | 7.5 HIGH | N/A |
Argument injection vulnerability in Microsoft Outlook 2002 does not sufficiently filter parameters of mailto: URLs when using them as arguments when calling OUTLOOK.EXE, which allows remote attackers to use script code in the Local Machine zone and execute arbitrary programs. |