Vulnerabilities > Microsoft > Excel > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-10-10 | CVE-2006-3875 | Remote Code Execution vulnerability in Microsoft Excel COLINFO Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867. | 5.1 |
| 2006-10-10 | CVE-2006-3867 | Remote Code Execution vulnerability in Microsoft Excel Lotus 1-2-3 File Handling Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875. | 5.1 |
| 2006-06-22 | CVE-2006-3014 | Improper Input Validation vulnerability in Microsoft Excel Microsoft Excel allows user-assisted attackers to execute arbitrary javascript and redirect users to arbitrary sites via an Excel spreadsheet with an embedded Shockwave Flash Player ActiveX Object, which is automatically executed when the user opens the spreadsheet. | 5.1 |
| 2006-03-14 | CVE-2006-0030 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. | 5.1 |
| 2006-03-14 | CVE-2006-0029 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. | 5.1 |
| 2006-03-14 | CVE-2006-0028 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. | 5.1 |
| 2003-04-11 | CVE-2002-1143 | Unspecified vulnerability in Microsoft Excel and Word Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure." | 5.0 |
| 2002-08-12 | CVE-2002-0617 | Unspecified vulnerability in Microsoft Excel and Office The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass." | 5.1 |
| 2002-08-12 | CVE-2002-0616 | Unspecified vulnerability in Microsoft Excel and Office The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability." | 5.1 |
| 2000-10-20 | CVE-2000-0765 | Unspecified vulnerability in Microsoft Excel, Powerpoint and Word Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability. | 5.1 |