VYPR

Word

by Microsoft

CVEs (269)

  • CVE-2020-17020Nov 11, 2020
    risk 0.00cvss epss 0.01

    Microsoft Word Security Feature Bypass Vulnerability

  • CVE-2020-16933Oct 16, 2020
    risk 0.00cvss epss 0.03

    A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user.…

  • CVE-2003-0664Oct 20, 2003
    risk 0.00cvss epss 0.04

    Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.

  • CVE-2001-0628Aug 14, 2001
    risk 0.00cvss epss 0.02

    Microsoft Word 2000 does not check AutoRecovery (.asd) files for macros, which allows a local attacker to execute arbitrary macros with the user ID of the Word user.

  • CVE-2001-0501Jul 21, 2001
    risk 0.00cvss epss 0.02

    Microsoft Word 2002 and earlier allows attackers to automatically execute macros without warning the user by embedding the macros in a manner that escapes detection by the security scanner.

  • CVE-2001-0240Jun 27, 2001
    risk 0.00cvss epss 0.01

    Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.

  • CVE-2000-0765Oct 20, 2000
    risk 0.00cvss epss 0.04

    Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.

  • CVE-2000-0088Jan 20, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.

  • CVE-1999-0354Nov 1, 1999
    risk 0.00cvss epss 0.05

    Internet Explorer 4.x or 5.x with Word 97 allows arbitrary execution of Visual Basic programs to the IE client through the Word 97 template, which doesn't warn the user that the template contains executable content. Also applies to Outlook when the client views a malicious…

Page 14 of 14