Max CVSS 9.3 Min CVSS 4.3 Total Count2
IDCVSSSummaryLast (major) updatePublished
CVE-2009-2502 9.3
Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3
21-10-2024 - 17:35 14-10-2009 - 10:30
CVE-2010-3333 9.3
Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via
16-07-2024 - 17:38 10-11-2010 - 03:00
CVE-2010-0243 9.3
Buffer overflow in MSO.DLL in Microsoft Office XP SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Office document, aka "MSO.DLL Buffer Overflow."
22-09-2021 - 14:22 10-02-2010 - 18:30
CVE-2008-3013 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
23-07-2021 - 12:17 11-09-2008 - 01:11
CVE-2010-2738 9.3
The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly
26-02-2019 - 14:04 15-09-2010 - 19:00
CVE-2007-5348 9.3
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerP
30-10-2018 - 16:25 11-09-2008 - 01:01
CVE-2008-3012 9.3
gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint
30-10-2018 - 16:25 11-09-2008 - 01:11
CVE-2006-3650 9.3
Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that
30-10-2018 - 16:25 10-10-2006 - 22:07
CVE-2008-3014 9.3
Buffer overflow in gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 20
30-10-2018 - 16:25 11-09-2008 - 01:11
CVE-2006-3868 5.1
Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag.
30-10-2018 - 16:25 10-10-2006 - 22:07
CVE-2006-0007 9.3
Buffer overflow in GIFIMP32.FLT, as used in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted GIF image that triggers memory corruption when i
19-10-2018 - 15:41 11-07-2006 - 21:05
CVE-2006-3434 9.3
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.
18-10-2018 - 16:47 10-10-2006 - 22:07
CVE-2006-1540 9.3
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a
18-10-2018 - 16:33 30-03-2006 - 11:02
CVE-2006-3864 9.3
Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file
17-10-2018 - 21:32 10-10-2006 - 22:07
CVE-2007-1747 9.3
Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption.
16-10-2018 - 16:40 08-05-2007 - 23:19
CVE-2011-0107 9.3
Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx f
12-10-2018 - 21:59 13-04-2011 - 18:55
CVE-2011-0977 9.3
Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Offi
12-10-2018 - 21:59 10-02-2011 - 19:00
CVE-2010-3946 9.3
Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Im
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3952 9.3
The FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code or cause a denial of service (heap memory corruption) via a crafted FlashPix image in an Offic
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3950 9.3
The TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 does not properly convert data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) v
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3951 9.3
Buffer overflow in the FlashPix image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted FlashPix image in an Office document, aka "FlashPix Image Con
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3947 9.3
Heap-based buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3, Office Converter Pack, and Works 9 allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3945 9.3
Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3949 9.3
Buffer overflow in the TIFF image converter in the graphics filters in Microsoft Office XP SP3 and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted TIFF image in an Office document, aka "TIFF Image Converter Buffe
12-10-2018 - 21:58 16-12-2010 - 19:33
CVE-2010-3334 9.3
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing a
12-10-2018 - 21:58 10-11-2010 - 03:00
CVE-2010-3336 9.3
Microsoft Office XP SP3, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "MSO Large SPID
12-10-2018 - 21:58 10-11-2010 - 03:00
CVE-2010-3335 9.3
Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that
12-10-2018 - 21:58 10-11-2010 - 03:00
CVE-2010-1263 9.3
Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do n
12-10-2018 - 21:57 08-06-2010 - 20:30
CVE-2010-0815 9.3
VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allow
12-10-2018 - 21:57 12-05-2010 - 11:46
CVE-2009-2528 9.3
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vu
12-10-2018 - 21:52 14-10-2009 - 10:30
CVE-2009-2518 9.3
Integer overflow in GDI+ in Microsoft Office XP SP3 allows remote attackers to execute arbitrary code via an Office document with a bitmap (aka BMP) image that triggers memory corruption, aka "Office BMP Integer Overflow Vulnerability."
12-10-2018 - 21:52 14-10-2009 - 10:30
CVE-2009-3126 9.3
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
12-10-2018 - 21:52 14-10-2009 - 10:30
CVE-2009-2501 9.3
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 G
12-10-2018 - 21:51 14-10-2009 - 10:30
CVE-2009-2500 9.3
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP
12-10-2018 - 21:51 14-10-2009 - 10:30
CVE-2009-2496 9.3
Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, In
12-10-2018 - 21:51 12-08-2009 - 17:30
CVE-2009-1534 9.3
Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Office XP Web Components SP3, BizTalk Server 2002, and Visual Studio .NET 2003 SP1 allows remote attackers to execute arbitrary c
12-10-2018 - 21:51 12-08-2009 - 17:30
CVE-2009-2504 9.3
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Mi
12-10-2018 - 21:51 14-10-2009 - 10:30
CVE-2009-2503 9.3
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold a
12-10-2018 - 21:51 14-10-2009 - 10:30
CVE-2009-1136 9.3
The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Micro
12-10-2018 - 21:51 15-07-2009 - 15:30
CVE-2009-0562 9.3
The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2003 Web Components SP3, Office 2003 Web Components SP1 for the 2007 Microsoft Office System, Internet Security and Accelerati
12-10-2018 - 21:50 12-08-2009 - 17:30
CVE-2008-4253 8.5
The FlexGrid ActiveX control in Microsoft Visual Basic 6.0, Visual FoxPro 8.0 SP1 and 9.0 SP1 and SP2, Office FrontPage 2002 SP3, and Office Project 2003 SP3 does not properly handle errors during access to incorrectly initialized objects, which allo
12-10-2018 - 21:48 10-12-2008 - 14:00
CVE-2008-4020 4.3
Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which rende
12-10-2018 - 21:48 15-10-2008 - 00:12
CVE-2008-3019 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of an Encapsulated PostScript (EPS) file, which allows remote attackers to execute arbitrary code via a crafted EPS file, aka the "Ma
12-10-2018 - 21:47 12-08-2008 - 23:41
CVE-2008-3021 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field,
12-10-2018 - 21:47 12-08-2008 - 23:41
CVE-2008-3020 9.3
Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."
12-10-2018 - 21:47 12-08-2008 - 23:41
CVE-2008-3015 9.3
Integer overflow in gdiplus.dll in GDI+ in Microsoft Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2,
12-10-2018 - 21:47 11-09-2008 - 01:11
CVE-2008-3460 9.3
WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG fil
12-10-2018 - 21:47 12-08-2008 - 23:41
CVE-2008-3007 9.3
Argument injection vulnerability in a URI handler in Microsoft Office XP SP3, 2003 SP2 and SP3, 2007 Office System Gold and SP1, and Office OneNote 2007 Gold and SP1 allow remote attackers to execute arbitrary code via a crafted onenote:// URL, aka "
12-10-2018 - 21:47 11-09-2008 - 01:11
CVE-2008-3018 9.3
Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file, aka the "Malformed PICT Filter Vulne
12-10-2018 - 21:47 12-08-2008 - 23:41
CVE-2008-0118 9.3
Unspecified vulnerability in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, Excel Viewer 2003 up to SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted Office document that triggers memory corrupti
12-10-2018 - 21:45 11-03-2008 - 23:44
CVE-2008-0103 9.3
Unspecified vulnerability in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Office document that contains a malformed object, related to a "memory handling e
12-10-2018 - 21:44 13-02-2008 - 00:00
CVE-2007-1201 9.3
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components Data
12-10-2018 - 21:43 11-03-2008 - 23:44
CVE-2007-0671 9.3
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in tar
12-10-2018 - 21:42 03-02-2007 - 01:28
CVE-2006-4695 9.3
Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via a crafted URL, aka "Office Web Components URL Parsing Vulnerability."
12-10-2018 - 21:41 31-12-2006 - 05:00
CVE-2006-2389 9.3
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption
12-10-2018 - 21:40 11-07-2006 - 21:05
CVE-2006-1311 9.3
The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute ar
12-10-2018 - 21:39 13-02-2007 - 20:28
CVE-2006-1316 9.3
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption rela
12-10-2018 - 21:39 11-07-2006 - 21:05
CVE-2006-0033 9.3
Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via a crafted PNG image that triggers memory corruption when it is parsed.
12-10-2018 - 21:38 11-07-2006 - 21:05
Back to Top Mark selected
Back to Top