Total
219 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2013-3858 | 1 Microsoft | 5 Office Compatibility Pack, Office Web Apps, Sharepoint Server and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | |||||
CVE-2013-3851 | 1 Microsoft | 3 Office Compatibility Pack, Word, Word Viewer | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | |||||
CVE-2012-2528 | 1 Microsoft | 6 Office Compatibility Pack, Office Web Apps, Sharepoint Server and 3 more | 2024-02-04 | 9.3 HIGH | N/A |
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability." | |||||
CVE-2010-2747 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle an uninitialized pointer during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Uninitialized Pointer Vulnerability." | |||||
CVE-2012-0765 | 2 Adobe, Microsoft | 3 Robohelp, Windows, Word | 2024-02-04 | 4.3 MEDIUM | N/A |
Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories. | |||||
CVE-2010-2748 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly check an unspecified boundary during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Boundary Check Vulnerability." | |||||
CVE-2010-3218 | 1 Microsoft | 1 Word | 2024-02-04 | 9.3 HIGH | N/A |
Heap-based buffer overflow in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via malformed records in a Word document, aka "Word Heap Overflow Vulnerability." | |||||
CVE-2010-3219 | 1 Microsoft | 1 Word | 2024-02-04 | 9.3 HIGH | N/A |
Array index vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Parsing Vulnerability." | |||||
CVE-2010-1903 | 1 Microsoft | 2 Office Word Viewer, Word | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability." | |||||
CVE-2010-1902 | 1 Microsoft | 5 Office, Office Compatibility Pack, Office Word Viewer and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via unspecified properties in the data in a crafted RTF document, aka "Word RTF Parsing Buffer Overflow Vulnerability." | |||||
CVE-2010-3217 | 1 Microsoft | 1 Word | 2024-02-04 | 9.3 HIGH | N/A |
Double free vulnerability in Microsoft Word 2002 SP3 allows remote attackers to execute arbitrary code via a Word document with crafted List Format Override (LFO) records, aka "Word Pointer Vulnerability." | |||||
CVE-2010-3214 | 1 Microsoft | 7 Office, Office Compatibility Pack, Office Web Apps and 4 more | 2024-02-04 | 9.3 HIGH | N/A |
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web App allows remote attackers to execute arbitrary code via a crafted Word document, aka "Word Stack Overflow Vulnerability." | |||||
CVE-2010-3215 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word 2002 SP3 and Office 2004 for Mac do not properly handle unspecified return values during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Return Value Vulnerability." | |||||
CVE-2010-3216 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted Word document containing bookmarks that trigger use of an invalid pointer and memory corruption, aka "Word Bookmarks Vulnerability." | |||||
CVE-2010-2750 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Array index error in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Index Vulnerability." | |||||
CVE-2010-1900 | 1 Microsoft | 6 Office, Office Compatibility Pack, Office Word Viewer and 3 more | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle malformed records in a Word file, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted file, aka "Word Record Parsing Vulnerability." | |||||
CVE-2010-3220 | 1 Microsoft | 2 Office, Word | 2024-02-04 | 9.3 HIGH | N/A |
Unspecified vulnerability in Microsoft Word 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted Word document that triggers memory corruption, aka "Word Parsing Vulnerability." | |||||
CVE-2010-3200 | 1 Microsoft | 1 Word | 2024-02-04 | 4.3 MEDIUM | N/A |
MSO.dll in Microsoft Word 2003 SP3 11.8326.11.8324 allows remote attackers to cause a denial of service (NULL pointer dereference and multiple-instance application crash) via a crafted buffer in a Word document, as demonstrated by word_crash_11.8326.8324_poc.doc. | |||||
CVE-2010-3221 | 1 Microsoft | 3 Office, Word, Word Viewer | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word Parsing Vulnerability." | |||||
CVE-2010-1901 | 1 Microsoft | 5 Office, Office Compatibility Pack, Office Word Viewer and 2 more | 2024-02-04 | 9.3 HIGH | N/A |
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified properties in rich text data, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RTF document, aka "Word RTF Parsing Engine Memory Corruption Vulnerability." |