Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Office
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 933 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-09-11 | CVE-2013-3859 | Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet Explorer from the IME toolbar, aka "Chinese IME Vulnerability." | Office, Pinyin_ime | N/A | ||
| 2013-09-11 | CVE-2013-3854 | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3853. | Office, Word | N/A | ||
| 2013-09-11 | CVE-2013-3853 | Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3854. | Office, Word | N/A | ||
| 2013-09-11 | CVE-2013-3160 | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." | Office, Word, Word_viewer | N/A | ||
| 2013-11-12 | CVE-2013-1325 | Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability." | Office | N/A | ||
| 2013-11-12 | CVE-2013-1324 | Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability." | Office, Office_2013_rt | N/A | ||
| 2013-03-12 | CVE-2013-0095 | Outlook in Microsoft Office for Mac 2008 before 12.3.6 and Office for Mac 2011 before 14.3.2 allows remote attackers to trigger access to a remote URL and consequently confirm the rendering of an HTML e-mail message by including unspecified HTML5 elements and leveraging the installation of a WebKit browser on the victim's machine, aka "Unintended Content Loading Vulnerability." | Office | N/A | ||
| 2013-11-12 | CVE-2013-0082 | Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability." | Office | N/A | ||
| 2012-10-25 | CVE-2012-5672 | Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data. | Excel, Excel_viewer, Office | N/A | ||
| 2012-11-13 | CVE-2012-2543 | Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Stack Overflow Vulnerability." | Excel, Excel_viewer, Office, Office_compatibility_pack | N/A |