Office

office

Vendor: Microsoft • 1,032 CVEs

CVEs (1,032)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-1747 1Microsoft 1Office Apr 23, 2026 May 8, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers...Show more Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption.Show less
CVE-2007-0215 1Microsoft 3Excel Excel ViewerOffice Apr 23, 2026 May 8, 2007 N/A· v4 N/A· v3 7.6 HIGH· v2 Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which...Show more Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.Show less
CVE-2007-0035 1Microsoft 2Office Works Apr 23, 2026 May 8, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to ex...Show more Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly handle data in a certain array, which allows user-assisted remote attackers to execute arbitrary code, aka the "Word Array Overflow Vulnerability."Show less
CVE-2007-1238 1Microsoft 1Office Apr 23, 2026 Mar 3, 2007 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Microsoft Office 2003 allows user-assisted remote attackers to cause a denial of service (application crash) by attempting to insert a corrupted WMF file.
CVE-2007-0209 1Microsoft 2Office Works Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing objec...Show more Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption.Show less
CVE-2007-0208 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows...Show more Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.Show less
CVE-2006-1311 1Microsoft 5Learning Essentials OfficeWindows 2000+2 more Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted...Show more The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF file, which triggers memory corruption.Show less
CVE-2007-0671 1Microsoft 14Access ExcelExcel Viewer+11 more Apr 22, 2026 Feb 3, 2007 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrat...Show more Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.Show less
CVE-2007-0515 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Jan 26, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corrupt...Show more Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.Show less
CVE-2007-0034 1Microsoft 2Office Outlook Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that t...Show more Buffer overflow in the Advanced Search (Finder.exe) feature of Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted Outlook Saved Searches (OSS) file that triggers memory corruption, aka "Microsoft Outlook Advanced Find Vulnerability."Show less
CVE-2007-0033 1Microsoft 2Office Outlook Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Outlook 2002 and 2003 allows user-assisted remote attackers to execute arbitrary code via a malformed VEVENT record in an .iCal meeting request or ICS file.
CVE-2007-0031 1Microsoft 4Excel Excel ViewerOffice+1 more Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that...Show more Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.Show less
CVE-2007-0030 1Microsoft 4Excel Excel ViewerOffice+1 more Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record type...Show more Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.Show less
CVE-2007-0029 1Microsoft 4Excel Excel ViewerOffice+1 more Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."
CVE-2007-0028 1Microsoft 4Excel Excel ViewerOffice+1 more Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS...Show more Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.Show less
CVE-2007-0027 1Microsoft 4Excel Excel ViewerOffice+1 more Apr 23, 2026 Jan 9, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.
CVE-2006-5574 1Microsoft 5Office Office Multilingual User Interface PackOffice Proofing Tools+2 more Apr 23, 2026 Dec 31, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute...Show more Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via crafted text that is not properly parsed.Show less
CVE-2006-1305 1Microsoft 2Office Outlook Apr 23, 2026 Dec 31, 2006 N/A· v4 N/A· v3 4.3 MEDIUM· v2 Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1)...Show more Microsoft Outlook 2000, 2002, and 2003 allows user-assisted remote attackers to cause a denial of service (memory exhaustion and interrupted mail recovery) via malformed e-mail header information, possibly related to (1) long subject lines or (2) large numbers of recipients in To or CC headers.Show less
CVE-2006-6561 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Dec 14, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the...Show more Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.Show less
CVE-2006-6456 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Dec 11, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a...Show more Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.Show less

Previous 1...484950 51 52 Next