Vulnerabilities > Microsoft > Office > 2004

DATE CVE VULNERABILITY TITLE RISK
2014-09-19 CVE-2006-1318 Code Injection vulnerability in Microsoft Office
Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, aka "Microsoft Office Control Vulnerability."
network
microsoft CWE-94
critical
9.3
2011-12-14 CVE-2011-3403 Code Injection vulnerability in Microsoft Excel and Office
Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability."
network
microsoft CWE-94
critical
9.3
2011-09-15 CVE-2011-1989 Improper Input Validation vulnerability in Microsoft products
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Excel Services on Office SharePoint Server 2007 SP2; Excel Services on Office SharePoint Server 2010 Gold and SP1; and Excel Web App 2010 Gold and SP1 do not properly parse conditional expressions associated with formatting requirements, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Conditional Expression Parsing Vulnerability."
network
microsoft CWE-20
critical
9.3
2011-09-15 CVE-2011-1988 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Heap Corruption Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-09-15 CVE-2011-1987 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-06-16 CVE-2011-1279 Buffer Errors vulnerability in Microsoft Excel, Office and Open XML File Format Converter
Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-06-16 CVE-2011-1278 Buffer Errors vulnerability in Microsoft Excel and Office
Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel WriteAV Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-06-16 CVE-2011-1276 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-06-16 CVE-2011-1275 Buffer Errors vulnerability in Microsoft Excel, Office and Open XML File Format Converter
Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability."
network
microsoft CWE-119
critical
9.3
2011-06-16 CVE-2011-1274 Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft products
Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability."
network
microsoft CWE-119
critical
9.3