Word

word

Vendor: Microsoft • 252 CVEs

CVEs (252)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2007-1910 1Microsoft 1Word Apr 23, 2026 Apr 10, 2007 N/A· v4 N/A· v3 6.8 MEDIUM· v2 Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.
CVE-2007-0208 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Feb 13, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows...Show more Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code.Show less
CVE-2007-0870 1Microsoft 1Word Apr 23, 2026 Feb 11, 2007 N/A· v4 N/A· v3 7.6 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-...Show more Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027.Show less
CVE-2007-0671 1Microsoft 14Access ExcelExcel Viewer+11 more Apr 22, 2026 Feb 3, 2007 N/A· v4 8.8 HIGH· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrat...Show more Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.Show less
CVE-2007-0515 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Jan 26, 2007 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corrupt...Show more Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561.Show less
CVE-2006-6561 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Dec 14, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the...Show more Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456.Show less
CVE-2006-6456 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Dec 11, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a...Show more Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994.Show less
CVE-2006-5994 1Microsoft 4Office WordWord Viewer+1 more Apr 23, 2026 Dec 6, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word do...Show more Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456.Show less
CVE-2006-4693 1Microsoft 2Office Word Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word file, a different issue than CVE-2006-3647 and CVE-2...Show more Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word file, a different issue than CVE-2006-3647 and CVE-2006-3651.Show less
CVE-2006-3877 1Microsoft 14Access ExcelExcel Viewer+11 more Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted...Show more Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.Show less
CVE-2006-3651 1Microsoft 2Office Word Apr 23, 2026 Oct 10, 2006 N/A· v4 N/A· v3 9.3 HIGH· v2 Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-...Show more Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693.Show less
CVE-2006-0935 1Microsoft 1Word Apr 16, 2026 Feb 28, 2006 N/A· v4 N/A· v3 2.6 LOW· v2 Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz.
CVE-2005-0564 1Microsoft 1Word Apr 16, 2026 Jul 12, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information.
CVE-2005-1683 1Microsoft 1Word Apr 16, 2026 May 20, 2005 N/A· v4 N/A· v3 2.6 LOW· v2 Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafte...Show more Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file.Show less
CVE-2005-0558 1Microsoft 1Word Apr 16, 2026 May 2, 2005 N/A· v4 N/A· v3 5.1 MEDIUM· v2 Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document.
CVE-2004-0963 1Microsoft 1Word Apr 16, 2026 Feb 9, 2005 N/A· v4 N/A· v3 10.0 HIGH· v2 Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via...Show more Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values.Show less
CVE-2004-0848 1Microsoft 6Office PowerpointProject+3 more Apr 16, 2026 Feb 8, 2005 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage retu...Show more Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames.Show less
CVE-2004-0573 1Microsoft 5Frontpage OfficePublisher+2 more Apr 16, 2026 Sep 28, 2004 N/A· v4 N/A· v3 7.5 HIGH· v2 Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or webs...Show more Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website.Show less
CVE-2004-0200 1Microsoft 23.net Framework Digital Image ProDigital Image Suite+20 more Apr 16, 2026 Sep 28, 2004 N/A· v4 N/A· v3 9.3 HIGH· v2 Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM fiel...Show more Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation.Show less
CVE-2003-0821 1Microsoft 2Word Works Apr 16, 2026 Dec 15, 2003 N/A· v4 N/A· v3 7.5 HIGH· v2 Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.

Previous 1...9 10 111213 Next