Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2006-2387 |
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 and CVE-2006-3875. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2006-3434 |
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3647 |
Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka "Memmove Code Execution," a different vulnerability than CVE-2006-3651 and CVE-2006-4693. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3650 |
Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with values from the document, a different vulnerability than CVE-2006-3434, CVE-2006-3864, and CVE-2006-3868. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3651 |
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3868 |
Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag. Published: October 10, 2006; 6:07:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2006-3435 |
PowerPoint in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac does not properly parse the slide notes field in a document, which allows remote user-assisted attackers to execute arbitrary code via crafted data in this field, which triggers an erroneous object pointer calculation that uses data from within the document. NOTE: this issue is different than other PowerPoint vulnerabilities including CVE-2006-4694. Published: October 10, 2006; 5:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3876 |
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via a crafted Data record in a PPT file, a different vulnerability than CVE-2006-3435 and CVE-2006-4694. Published: October 10, 2006; 5:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-4694 |
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office XP and Office 2003 allows user-assisted attackers to execute arbitrary code via a crafted record in a PPT file, as exploited by malware such as Exploit:Win32/Controlppt.W, Exploit:Win32/Controlppt.X, and Exploit-PPT.d/Trojan.PPDropper.F. NOTE: it has been reported that the attack vector involves SlideShowWindows.View.GotoNamedShow. Published: September 27, 2006; 3:07:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-4534 |
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with names including Trojan.Mdropper.Q, Mofei, and Femo. Published: September 05, 2006; 1:04:00 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-3493 |
Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other Office file type. NOTE: this issue was originally reported to allow code execution, but on 20060710 Microsoft stated that code execution is not possible, and the original researcher agrees. Published: July 10, 2006; 6:05:00 PM -0400 |
V3.x:(not available) V2.0: 5.1 MEDIUM |
CVE-2006-1540 |
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a certain "01 00 00 00" byte sequence with an "FF FF FF FF" byte sequence, possibly causing an invalid array index, in (1) an Excel .xls document, which triggers an access violation in ole32.dll; (2) an Excel .xlw document, which triggers an access violation in excel.exe; (3) a Word document, which triggers an access violation in mso.dll in winword.exe; and (4) a PowerPoint document, which triggers an access violation in powerpnt.txt. NOTE: after the initial disclosure, this issue was demonstrated by triggering an integer overflow using an inconsistent size for a Unicode "Sheet Name" string. Published: March 30, 2006; 6:02:00 AM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2006-0008 |
The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License Agreement" link, which executes Notepad with the privileges of the program that displays the about box. Published: February 14, 2006; 2:06:00 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2005-2127 |
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended for use within Internet Explorer, as originally demonstrated using the (1) DDS Library Shape Control (Msdds.dll) COM object, and other objects including (2) Blnmgrps.dll, (3) Ciodm.dll, (4) Comsvcs.dll, (5) Danim.dll, (6) Htmlmarq.ocx, (7) Mdt2dd.dll (as demonstrated using a heap corruption attack with uninitialized memory), (8) Mdt2qd.dll, (9) Mpg4ds32.ax, (10) Msadds32.ax, (11) Msb1esen.dll, (12) Msb1fren.dll, (13) Msb1geen.dll, (14) Msdtctm.dll, (15) Mshtml.dll, (16) Msoeacct.dll, (17) Msosvfbr.dll, (18) Mswcrun.dll, (19) Netshell.dll, (20) Ole2disp.dll, (21) Outllib.dll, (22) Psisdecd.dll, (23) Qdvd.dll, (24) Repodbc.dll, (25) Shdocvw.dll, (26) Shell32.dll, (27) Soa.dll, (28) Srchui.dll, (29) Stobject.dll, (30) Vdt70.dll, (31) Vmhelper.dll, and (32) Wbemads.dll, aka a variant of the "COM Object Instantiation Memory Corruption vulnerability." Published: August 19, 2005; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2004-0848 |
Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. Published: February 08, 2005; 12:00:00 AM -0500 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2004-0200 |
Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. Published: September 28, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2004-0573 |
Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. Published: September 28, 2004; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-1999-0794 |
Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. Published: October 01, 1999; 12:00:00 AM -0400 |
V3.x:(not available) V2.0: 4.6 MEDIUM |