Vulnerabilities > Microsoft > Excel > 2000

DATE CVE VULNERABILITY TITLE RISK
2008-12-10 CVE-2008-4266 Resource Management Errors vulnerability in Microsoft products
Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an invalid index value, which triggers stack corruption, aka "Excel Global Array Memory Corruption Vulnerability." http://www.microsoft.com/technet/security/Bulletin/MS08-074.mspx Excel Global Array Memory Corruption Vulnerability - CVE-2008-4266 A remote code execution vulnerability exists in Microsoft Office Excel as a result of stack corruption when loading Excel records.
network
microsoft CWE-399
critical
 9.3
9.3
2008-03-11 CVE-2008-0117 Remote Code Execution vulnerability in Microsoft Excel Conditional Formatting Values
Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers to execute arbitrary code via crafted conditional formatting values, aka "Excel Conditional Formatting Vulnerability."
network
microsoft
critical
 9.3
9.3
2008-03-11 CVE-2008-0116 Improper Input Validation vulnerability in Microsoft products
Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability."
network
microsoft CWE-20
critical
 9.3
9.3
2008-03-11 CVE-2008-0115 Code Injection vulnerability in Microsoft products
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2008-03-11 CVE-2008-0114 Code Injection vulnerability in Microsoft Excel, Excel Viewer and Office
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption.
network
microsoft CWE-94
critical
 9.3
9.3
2008-03-11 CVE-2008-0112 Code Injection vulnerability in Microsoft Excel and Office
Unspecified vulnerability in Microsoft Excel 2000 SP3, and Office for Mac 2004 and 2008 allows user-assisted remote attackers to execute arbitrary code via a crafted .SLK file that is not properly handled when importing the file, aka "Excel File Import Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2008-03-11 CVE-2008-0111 Code Injection vulnerability in Microsoft products
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability."
network
microsoft CWE-94
critical
 9.3
9.3
2008-01-16 CVE-2008-0081 Use of Uninitialized Resource vulnerability in Microsoft Excel, Excel Viewer and Office
Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490.
network
low complexity
microsoft CWE-908
critical
 9.8
9.8
2007-08-14 CVE-2007-3890 Remote Code Execution vulnerability in Microsoft Excel and Office
Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption.
network
microsoft
critical
 9.3
9.3
2007-07-10 CVE-2007-3030 Remote Code Execution vulnerability in Microsoft Excel Workspace Designation
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnerability".
network
high complexity
microsoft
7.6
7.6