Vulnerabilities > Microsoft > Office > 2003
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2008-03-11 | CVE-2008-0110 | Code Injection vulnerability in Microsoft Office Unspecified vulnerability in Microsoft Outlook in Office 2000 SP3, XP SP3, 2003 SP2 and Sp3, and Office System allows user-assisted remote attackers to execute arbitrary code via a crafted mailto URI. | 9.3 |
2008-02-13 | CVE-2008-0103 | Resource Management Errors vulnerability in Microsoft Office Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling error," aka "Microsoft Office Execution Jump Vulnerability." | 9.3 |
2008-02-12 | CVE-2008-0109 | Resource Management Errors vulnerability in Microsoft Office and Word Word in Microsoft Office 2000 SP3, XP SP3, Office 2003 SP2, and Office Word Viewer 2003 allows remote attackers to execute arbitrary code via crafted fields within the File Information Block (FIB) of a Word file, which triggers length calculation errors and memory corruption. | 9.3 |
2008-02-12 | CVE-2008-0108 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office and Works Stack-based buffer overflow in wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted field lengths, aka "Microsoft Works File Converter Field Length Vulnerability." | 9.3 |
2008-02-12 | CVE-2008-0105 | Improper Input Validation vulnerability in Microsoft Office and Works Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | 9.3 |
2008-02-12 | CVE-2008-0104 | Code Injection vulnerability in Microsoft Office and Publisher Unspecified vulnerability in Microsoft Office Publisher 2000, 2002, and 2003 SP2 allows remote attackers to execute arbitrary code via a crafted .pub file, aka "Publisher Memory Corruption Vulnerability." | 9.3 |
2008-02-12 | CVE-2007-0216 | Improper Input Validation vulnerability in Microsoft Office and Works wkcvqd01.dll in Microsoft Works 6 File Converter, as used in Office 2003 SP2, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section length headers, aka "Microsoft Works File Converter Input Validation Vulnerability." | 9.3 |
2007-11-20 | CVE-2007-6026 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products Stack-based buffer overflow in Microsoft msjet40.dll 4.0.8618.0 (aka Microsoft Jet Engine), as used by Access 2003 in Microsoft Office 2003 SP3, allows user-assisted attackers to execute arbitrary code via a crafted MDB file database file containing a column structure with a modified column count. | 9.3 |
2007-08-14 | CVE-2007-3890 | Remote Code Execution vulnerability in Microsoft Excel and Office Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption. | 9.3 |
2007-08-14 | CVE-2007-2223 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft XML Core Services Microsoft XML Core Services (MSXML) 3.0 through 6.0 allows remote attackers to execute arbitrary code via the substringData method on a (1) TextNode or (2) XMLDOM object, which causes an integer overflow that leads to a buffer overflow. | 9.3 |