Vulnerabilities > Microsoft
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2006-07-18 | CVE-2006-3653 | Remote vulnerability in Microsoft Works 8.0 wksss.exe 8.4.702.0 in Microsoft Works Spreadsheet 8.0 allows remote attackers to cause a denial of service (CPU consumption or crash) via crafted (1) Works, (2) Excel, and (3) Lotus 1-2-3 files. | 2.6 |
| 2006-07-18 | CVE-2006-3652 | Unspecified vulnerability in Microsoft ISA Server 2004 Microsoft Internet Security and Acceleration (ISA) Server 2004 allows remote attackers to bypass file extension filters via a request with a trailing "#" character. | 7.5 |
| 2006-07-18 | CVE-2006-3605 | Unspecified vulnerability in Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (crash) by setting the Transition property on an uninitialized DXImageTransform.Microsoft.RevealTrans.1 ActiveX Object, which triggers a null dereference. | 5.0 |
| 2006-07-18 | CVE-2006-3591 | Unspecified vulnerability in Microsoft Internet Explorer 6.0 Microsoft Internet Explorer 6 allows remote attackers to cause a denial of service (application crash) by accessing the URL property of a TriEditDocument.TriEditDocument object before it has been initialized, which triggers a NULL pointer dereference. | 5.0 |
| 2006-07-14 | CVE-2006-3590 | Remote Code Execution vulnerability in Microsoft Powerpoint 2000/2002/2003 mso.dll, as used by Microsoft PowerPoint 2000 through 2003, allows user-assisted attackers to execute arbitrary commands via a malformed shape container in a PPT file that leads to memory corruption, as exploited by Trojan.PPDropper.B, a different issue than CVE-2006-1540 and CVE-2006-3493. | 5.1 |
| 2006-07-13 | CVE-2006-1309 | Code Injection vulnerability in Microsoft Excel and Excel Viewer Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption. | 9.3 |
| 2006-07-13 | CVE-2006-1308 | Remote Code Execution vulnerability in Microsoft Excel FNGROUPCOUNT Record Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value. | 9.3 |
| 2006-07-13 | CVE-2006-1301 | Code Injection vulnerability in Microsoft Excel and Excel Viewer Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302. | 9.3 |
| 2006-07-13 | CVE-2006-2388 | Code Injection vulnerability in Microsoft Excel and Excel Viewer Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process. | 9.3 |
| 2006-07-13 | CVE-2006-1306 | Code Injection vulnerability in Microsoft Excel and Excel Viewer Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability." | 9.3 |