Office Word
by Microsoft
CVEs (56)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2009-0563 | Hig | 0.68 | 7.8 | 0.63 | KEV | Jun 10, 2009 | Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility… | |
| CVE-2026-40367 | Hig | 0.55 | 8.4 | 0.00 | May 12, 2026 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-40366 | Hig | 0.55 | 8.4 | 0.00 | May 12, 2026 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-40364 | Hig | 0.55 | 8.4 | 0.04 | May 12, 2026 | Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-33115 | Hig | 0.55 | 8.4 | 0.00 | Apr 14, 2026 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-33114 | Hig | 0.55 | 8.4 | 0.00 | Apr 14, 2026 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-45486 | Hig | 0.51 | 7.8 | 0.00 | Jun 9, 2026 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-45471 | Hig | 0.51 | 7.8 | 0.00 | Jun 9, 2026 | Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-33095 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-23657 | Hig | 0.51 | 7.8 | 0.00 | Apr 14, 2026 | Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally. | ||
| CVE-2026-41101 | Hig | 0.46 | 7.1 | 0.00 | May 12, 2026 | Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. | ||
| CVE-2026-33822 | Med | 0.40 | 6.1 | 0.00 | Apr 14, 2026 | Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-35440 | Med | 0.36 | 5.5 | 0.00 | May 12, 2026 | Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-40421 | Med | 0.28 | 4.3 | 0.01 | May 12, 2026 | Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-45466 | Low | 0.21 | 3.3 | 0.00 | Jun 9, 2026 | Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally. | ||
| CVE-2026-21514 | 0.12 | — | 0.02 | KEV | Feb 10, 2026 | Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally. | ||
| CVE-2009-0565 | 0.06 | — | 0.41 | Jun 10, 2009 | Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote… | |||
| CVE-2009-3135 | 0.03 | — | 0.36 | Nov 11, 2009 | Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a… | |||
| CVE-2008-4837 | 0.03 | — | 0.37 | Dec 10, 2008 | Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to… | |||
| CVE-2008-4028 | 0.03 | — | 0.38 | Dec 10, 2008 | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format… |
- risk 0.68cvss 7.8epss 0.63
Stack-based buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; Microsoft Office Word Viewer 2003 SP3; Microsoft Office Word Viewer; and Microsoft Office Compatibility…
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.04
Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.55cvss 8.4epss 0.00
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.51cvss 7.8epss 0.00
Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.
- risk 0.46cvss 7.1epss 0.00
Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally.
- risk 0.40cvss 6.1epss 0.00
Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- risk 0.36cvss 5.5epss 0.00
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- risk 0.28cvss 4.3epss 0.01
Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- risk 0.21cvss 3.3epss 0.00
Heap-based buffer overflow in Microsoft Office Word allows an unauthorized attacker to disclose information locally.
- risk 0.12cvss —epss 0.02
Reliance on untrusted inputs in a security decision in Microsoft Office Word allows an unauthorized attacker to bypass a security feature locally.
- CVE-2009-0565Jun 10, 2009risk 0.06cvss —epss 0.41
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote…
- CVE-2009-3135Nov 11, 2009risk 0.03cvss —epss 0.36
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a…
- CVE-2008-4837Dec 10, 2008risk 0.03cvss —epss 0.37
Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to…
- CVE-2008-4028Dec 10, 2008risk 0.03cvss —epss 0.38
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format…
Page 1 of 3