VYPR

Office

by Microsoft

CVEs (1,071)

  • CVE-2013-3859Sep 11, 2013
    risk 0.00cvss epss 0.02

    Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet Explorer from the IME toolbar, aka "Chinese IME Vulnerability."

  • CVE-2012-1894Jul 10, 2012
    risk 0.00cvss epss 0.02

    Microsoft Office for Mac 2011 uses world-writable permissions for the "Applications/Microsoft Office 2011/" directory and certain other directories, which allows local users to gain privileges by placing a Trojan horse executable file in one of these directories, aka "Office for…

  • CVE-2008-7217Sep 13, 2009
    risk 0.00cvss epss 0.01

    Microsoft Office 2008 for Mac, when running on Macintosh systems that restrict Office access to administrators, does not enforce this restriction for user ID 502, which allows local users with that ID to bypass intended security policy and access Office programs, related to…

  • CVE-2008-3003Aug 12, 2008
    risk 0.00cvss epss 0.02

    Microsoft Office Excel 2007 Gold and SP1 does not properly delete the PWD (password) string from connections.xml when a .xlsx file is configured not to save the remote data session password, which allows local users to obtain sensitive information and obtain access to a remote…

  • CVE-2007-5861Dec 19, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in Spotlight in Apple Mac OS X 10.4.11 allows user-assisted attackers to cause a denial of service (application termination) or execute arbitrary code via a crafted .XLS file that triggers memory corruption in the Microsoft Office Spotlight Importer.

  • CVE-2006-0008Feb 14, 2006
    risk 0.00cvss epss 0.02

    The ShellAbout API call in Korean Input Method Editor (IME) in Korean versions of Microsoft Windows XP SP1 and SP2, Windows Server 2003 up to SP1, and Office 2003, allows local users to gain privileges by launching the "shell about dialog box" and clicking the "End-User License…

  • CVE-2005-0545May 2, 2005
    risk 0.00cvss epss 0.02

    Microsoft Windows XP Pro SP2 and Windows 2000 Server SP4 running Active Directory allow local users to bypass group policies that restrict access to hidden drives by using the browse feature in Office 10 applications such as Word or Excel, or using a flash drive. NOTE: this…

  • CVE-2002-0615Jul 3, 2002
    risk 0.00cvss epss 0.06

    The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".

  • CVE-2000-0088Jan 20, 2000
    risk 0.00cvss epss 0.02

    Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.

  • CVE-1999-1259Dec 31, 1999
    risk 0.00cvss epss 0.03

    Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which could allow attackers to obtain sensitive information.

  • CVE-1999-0384Jan 1, 1999
    risk 0.00cvss epss 0.01

    The Forms 2.0 ActiveX control (included with Visual Basic for Applications 5.0) can be used to read text from a user's clipboard when the user accesses documents with ActiveX content.

Page 54 of 54