VYPR

Office Word

by Microsoft

CVEs (56)

  • CVE-2008-4027Dec 10, 2008
    risk 0.03cvss epss 0.34

    Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac…

  • CVE-2008-4025Dec 10, 2008
    risk 0.03cvss epss 0.33

    Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and…

  • CVE-2008-2244Jul 9, 2008
    risk 0.03cvss epss 0.32

    Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.

  • CVE-2010-1903Aug 11, 2010
    risk 0.02cvss epss 0.19

    Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability."

  • CVE-2010-1902Aug 11, 2010
    risk 0.02cvss epss 0.23

    Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote…

  • CVE-2009-2506Dec 9, 2009
    risk 0.02cvss epss 0.31

    Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number…

  • CVE-2009-0088Apr 15, 2009
    risk 0.02cvss epss 0.28

    The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x…

  • CVE-2009-0087Apr 15, 2009
    risk 0.02cvss epss 0.26

    Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a…

  • CVE-2008-4031Dec 10, 2008
    risk 0.02cvss epss 0.23

    Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format…

  • CVE-2008-4030Dec 10, 2008
    risk 0.02cvss epss 0.23

    Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via…

  • CVE-2008-4026Dec 10, 2008
    risk 0.02cvss epss 0.23

    Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow…

  • CVE-2008-4024Dec 10, 2008
    risk 0.02cvss epss 0.29

    Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary…

  • CVE-2026-20948Jan 13, 2026
    risk 0.00cvss epss 0.01

    Untrusted pointer dereference in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2026-20944Jan 13, 2026
    risk 0.00cvss epss 0.00

    Out-of-bounds read in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62559Dec 9, 2025
    risk 0.00cvss epss 0.01

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62555Dec 9, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-62205Nov 11, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-60728Nov 11, 2025
    risk 0.00cvss epss 0.01

    Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to disclose information over a network.

  • CVE-2025-59222Oct 14, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.

  • CVE-2025-59221Oct 14, 2025
    risk 0.00cvss epss 0.00

    Use after free in Microsoft Office Word allows an unauthorized attacker to execute code locally.