Filtered by vendor Microsoft
Subscribe
Total
19339 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2011-1508 | 1 Microsoft | 1 Publisher | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Publisher 2003 SP3, and 2007 SP2 and SP3, does not properly manage memory allocations for function pointers, which allows user-assisted remote attackers to execute arbitrary code via a crafted Publisher file, aka "Publisher Function Pointer Overwrite Vulnerability." | |||||
| CVE-2011-1280 | 1 Microsoft | 4 Office Infopath, Sql Server, Sql Server Management Studio Express and 1 more | 2018-10-12 | 4.3 MEDIUM | N/A |
| The XML Editor in Microsoft InfoPath 2007 SP2 and 2010; SQL Server 2005 SP3 and SP4 and 2008 SP1, SP2, and R2; SQL Server Management Studio Express (SSMSE) 2005; and Visual Studio 2005 SP1, 2008 SP1, and 2010 does not properly handle external entities, which allows remote attackers to read arbitrary files via a crafted .disco (Web Service Discovery) file, aka "XML External Entities Resolution Vulnerability." | |||||
| CVE-2011-1279 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability." | |||||
| CVE-2011-1278 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel WriteAV Vulnerability." | |||||
| CVE-2011-1277 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, Office 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Corruption Vulnerability." | |||||
| CVE-2011-1276 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Excel spreadsheet, related to improper validation of record information, aka "Excel Buffer Overrun Vulnerability." | |||||
| CVE-2011-1275 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability." | |||||
| CVE-2011-1274 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability." | |||||
| CVE-2011-1273 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Improper Record Parsing Vulnerability." | |||||
| CVE-2011-1272 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record structures during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Insufficient Record Validation Vulnerability." | |||||
| CVE-2011-1270 | 1 Microsoft | 1 Powerpoint | 2018-10-12 | 9.3 HIGH | N/A |
| Buffer overflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3 allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Buffer Overrun RCE Vulnerability." | |||||
| CVE-2011-1269 | 1 Microsoft | 4 Office, Office Compatibility Pack, Open Xml File Format Converter and 1 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 make unspecified function calls during file parsing without proper handling of memory, which allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "Presentation Memory Corruption RCE Vulnerability." | |||||
| CVE-2011-1243 | 1 Microsoft | 1 Windows Xp | 2018-10-12 | 9.3 HIGH | N/A |
| The Windows Messenger ActiveX control in msgsc.dll in Microsoft Windows XP SP2 and SP3 allows remote attackers to execute arbitrary code via unspecified vectors that "corrupt the system state," aka "Microsoft Windows Messenger ActiveX Control Vulnerability." | |||||
| CVE-2011-0980 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly parse Office Art objects, which allows remote attackers to execute arbitrary code via vectors related to a function pointer, aka "Excel Dangling Pointer Vulnerability." | |||||
| CVE-2011-0979 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a malformed object record, related to a "stray reference," aka "Excel Linked List Corruption Vulnerability." | |||||
| CVE-2011-0978 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-12 | 9.3 HIGH | N/A |
| Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via vectors related to an axis properties record, and improper incrementing of an array index, aka "Excel Array Indexing Vulnerability." | |||||
| CVE-2011-0977 | 1 Microsoft | 1 Excel | 2018-10-12 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability." | |||||
| CVE-2011-0976 | 1 Microsoft | 1 Powerpoint | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft PowerPoint 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 do not properly handle Office Art containers that have invalid records, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a PowerPoint document with a container that triggers certain access to an uninitialized object, aka "OfficeArt Atom RCE Vulnerability." | |||||
| CVE-2011-0673 | 1 Microsoft | 1 Windows Xp | 2018-10-12 | 7.2 HIGH | N/A |
| win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP3 allows local users to gain privileges via a crafted application that triggers a NULL pointer dereference, aka "Win32k Null Pointer De-reference Vulnerability." | |||||
| CVE-2011-0656 | 1 Microsoft | 7 Office, Office Compatibility Pack, Office Powerpoint Viewer and 4 more | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in PowerPoint documents, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a Slide with a malformed record, which triggers an exception and later use of an unspecified method, aka "Persist Directory RCE Vulnerability." | |||||