Vulnerabilities > Microsoft > Office > v.x
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2006-10-10 | CVE-2006-2387 | Remote Code Execution vulnerability in Microsoft Excel DATETIME Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875. | 5.1 |
2006-10-10 | CVE-2006-3435 | Code Injection vulnerability in Microsoft Office PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. | 9.3 |
2006-03-30 | CVE-2006-1540 | Code Injection vulnerability in Microsoft Office MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw document, which triggers an access violation in excel.exe; (3) a Word document, which triggers an access violation in mso.dll in winword.exe; and (4) a PowerPoint document, which triggers an access violation in powerpnt.txt. | 9.3 |
2006-03-14 | CVE-2006-0031 | Improper Restriction of Operations Within the Bounds of A Memory Buffer vulnerability in Microsoft Office Stack-based buffer overflow in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed record with a modified length value, which leads to memory corruption. | 5.1 |
2006-03-14 | CVE-2006-0030 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. | 5.1 |
2006-03-14 | CVE-2006-0029 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. | 5.1 |
2006-03-14 | CVE-2006-0028 | Unspecified vulnerability in Microsoft Excel and Office Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. | 5.1 |
2004-11-03 | CVE-2004-0846 | Unspecified vulnerability in Microsoft Excel and Office Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. | 7.5 |
2002-04-22 | CVE-2002-0152 | Buffer Overflow vulnerability in Multiple Microsoft Products for MacOS File URL Buffer overflow in various Microsoft applications for Macintosh allows remote attackers to cause a denial of service (crash) or execute arbitrary code by invoking the file:// directive with a large number of / characters, which affects Internet Explorer 5.1, Outlook Express 5.0 through 5.0.2, Entourage v. | 7.5 |
2002-03-08 | CVE-2002-0021 | Denial of Service vulnerability in Microsoft Office V.X Network Product Identification (PID) Checker in Microsoft Office v. | 5.0 |