VYPR

Word

by Microsoft

CVEs (269)

  • CVE-2018-0919LowMar 14, 2018
    risk 0.22cvss 3.3epss 0.12

    Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016,…

  • CVE-2023-36761KEVSep 12, 2023
    risk 0.12cvss epss 0.19

    Microsoft Word Information Disclosure Vulnerability

  • CVE-2023-21716Feb 14, 2023
    risk 0.07cvss epss 0.82

    Microsoft Word Remote Code Execution Vulnerability

  • CVE-2004-0200Sep 28, 2004
    risk 0.07cvss epss 0.49

    Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length…

  • CVE-2002-1143Apr 11, 2003
    risk 0.07cvss epss 0.54

    Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and…

  • CVE-2015-2468Aug 15, 2015
    risk 0.06cvss epss 0.43

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office…

  • CVE-2015-0097Mar 11, 2015
    risk 0.06cvss epss 0.41

    Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability."

  • CVE-2010-1900Aug 11, 2010
    risk 0.06cvss epss 0.40

    Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and Works 9 do not properly handle…

  • CVE-2007-0515Jan 26, 2007
    risk 0.06cvss epss 0.38

    Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by…

  • CVE-2006-6561Dec 14, 2006
    risk 0.06cvss epss 0.40

    Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than…

  • CVE-2006-3493Jul 10, 2006
    risk 0.06cvss epss 0.40

    Buffer overflow in LsCreateLine function (mso_203) in mso.dll and mso9.dll, as used by Microsoft Word and possibly other products in Microsoft Office 2003, 2002, and 2000, allows remote user-assisted attackers to cause a denial of service (crash) via a crafted Word DOC or other…

  • CVE-2015-2470Aug 15, 2015
    risk 0.05cvss epss 0.27

    Integer underflow in Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office for Mac 2011, and Word Viewer allows remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Integer Underflow Vulnerability."

  • CVE-2015-2469Aug 15, 2015
    risk 0.05cvss epss 0.27

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, and Office for Mac 2011 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2015-0065Feb 11, 2015
    risk 0.05cvss epss 0.30

    Microsoft Word 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "OneTableDocumentStream Remote Code Execution Vulnerability."

  • CVE-2015-0064Feb 11, 2015
    risk 0.05cvss epss 0.30

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory…

  • CVE-2012-0182Oct 9, 2012
    risk 0.05cvss epss 0.68

    Microsoft Word 2007 SP2 and SP3 does not properly handle memory during the parsing of Word documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "Word PAPX Section Corruption Vulnerability."

  • CVE-2008-2752Jun 18, 2008
    risk 0.05cvss epss 0.28

    Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: some…

  • CVE-2007-1910Apr 10, 2007
    risk 0.05cvss epss 0.25

    Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc.

  • CVE-2020-1447Jul 14, 2020
    risk 0.04cvss epss 0.11

    A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.

  • CVE-2015-6172Dec 9, 2015
    risk 0.04cvss epss 0.54

    Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2016, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted email message processed by Outlook, aka "Microsoft Office RCE Vulnerability."

Page 5 of 14