Vulnerabilities > Microsoft > Visio > Critical

DATE CVE VULNERABILITY TITLE RISK
2007-06-12 CVE-2007-0934 Remote Code Execution vulnerability in Microsoft Visio 2002
Unspecified vulnerability in Microsoft Visio 2002 allows remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted version number that triggers memory corruption.
network
microsoft
critical
 9.3
9.3
2007-06-12 CVE-2007-0936 Remote Code Execution vulnerability in Microsoft Visio Packed Objects
Multiple unspecified vulnerabilities in Microsoft Visio 2002 allow remote user-assisted attackers to execute arbitrary code via a Visio (.VSD, VSS, .VST) file with a crafted packed object that triggers memory corruption, aka "Visio Document Packaging Vulnerability."
network
microsoft
critical
 9.3
9.3
2007-02-03 CVE-2007-0671 Remote Code Execution vulnerability in Microsoft Office Malformed String
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
network
microsoft
critical
 9.3
9.3
2006-12-31 CVE-2006-5574 Remote Code Execution vulnerability in Microsoft Office Brazilian Portuguese Grammar Checker
Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.
network
microsoft
critical
 9.3
9.3
2006-10-10 CVE-2006-3864 Remote Code Execution vulnerability in Microsoft Office Malformed Record
Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "array boundary condition" (possibly an array index overflow), a different vulnerability than CVE-2006-3434, CVE-2006-3650, and CVE-2006-3868.
network
microsoft
critical
 9.3
9.3
2006-10-10 CVE-2006-3877 Code Injection vulnerability in Microsoft products
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
network
microsoft CWE-94
critical
 9.3
9.3
2004-09-28 CVE-2004-0200 Unspecified vulnerability in Microsoft products
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.
network
microsoft
critical
 9.3
9.3
2003-10-20 CVE-2003-0347 Buffer Overrun vulnerability in Microsoft Visual Basic For Applications Document Handling
Heap-based buffer overflow in VBE.DLL and VBE6.DLL of Microsoft Visual Basic for Applications (VBA) SDK 5.0 through 6.3 allows remote attackers to execute arbitrary code via a document with a long ID parameter.
network
low complexity
microsoft
critical
 10.0
10