Word Viewer
by Microsoft
CVEs (118)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2013-3848 | 0.02 | — | 0.21 | Sep 11, 2013 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of… | |||
| CVE-2013-3847 | 0.02 | — | 0.21 | Sep 11, 2013 | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of… | |||
| CVE-2013-3160 | 0.02 | — | 0.24 | Sep 11, 2013 | Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE)… | |||
| CVE-2013-1335 | 0.02 | — | 0.21 | May 15, 2013 | Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability." | |||
| CVE-2012-2528 | 0.02 | — | 0.22 | Oct 9, 2012 | Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary… | |||
| CVE-2010-3221 | 0.02 | — | 0.20 | Oct 13, 2010 | Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word… | |||
| CVE-2010-3214 | 0.02 | — | 0.25 | Oct 13, 2010 | Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web… | |||
| CVE-2010-1903 | 0.02 | — | 0.19 | Aug 11, 2010 | Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability." | |||
| CVE-2010-1902 | 0.02 | — | 0.23 | Aug 11, 2010 | Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote… | |||
| CVE-2010-1901 | 0.02 | — | 0.19 | Aug 11, 2010 | Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified… | |||
| CVE-2009-3126 | 0.02 | — | 0.23 | Oct 14, 2009 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003… | |||
| CVE-2009-2528 | 0.02 | — | 0.20 | Oct 14, 2009 | GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability." | |||
| CVE-2009-2504 | 0.02 | — | 0.21 | Oct 14, 2009 | Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and… | |||
| CVE-2009-2503 | 0.02 | — | 0.22 | Oct 14, 2009 | GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer… | |||
| CVE-2009-2501 | 0.02 | — | 0.27 | Oct 14, 2009 | Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel… | |||
| CVE-2009-2500 | 0.02 | — | 0.24 | Oct 14, 2009 | Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003… | |||
| CVE-2008-4031 | 0.02 | — | 0.23 | Dec 10, 2008 | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format… | |||
| CVE-2008-4030 | 0.02 | — | 0.23 | Dec 10, 2008 | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via… | |||
| CVE-2008-4026 | 0.02 | — | 0.23 | Dec 10, 2008 | Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow… | |||
| CVE-2008-4024 | 0.02 | — | 0.29 | Dec 10, 2008 | Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary… |
- CVE-2013-3848Sep 11, 2013risk 0.02cvss —epss 0.21
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of…
- CVE-2013-3847Sep 11, 2013risk 0.02cvss —epss 0.21
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of…
- CVE-2013-3160Sep 11, 2013risk 0.02cvss —epss 0.24
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE)…
- CVE-2013-1335May 15, 2013risk 0.02cvss —epss 0.21
Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code via crafted shape data in a Word document, aka "Word Shape Corruption Vulnerability."
- CVE-2012-2528Oct 9, 2012risk 0.02cvss —epss 0.22
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary…
- CVE-2010-3221Oct 13, 2010risk 0.02cvss —epss 0.20
Microsoft Word 2002 SP3 and 2003 SP3, Office 2004 for Mac, and Word Viewer do not properly handle a malformed record during parsing of a Word document, which allows remote attackers to execute arbitrary code via a crafted document that triggers memory corruption, aka "Word…
- CVE-2010-3214Oct 13, 2010risk 0.02cvss —epss 0.25
Stack-based buffer overflow in Microsoft Word 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; Word Viewer; Office Web Apps; and Word Web…
- CVE-2010-1903Aug 11, 2010risk 0.02cvss —epss 0.19
Microsoft Office Word 2002 SP3 and 2003 SP3, and Office Word Viewer, allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a malformed record in a Word file, aka "Word HTML Linked Objects Memory Corruption Vulnerability."
- CVE-2010-1902Aug 11, 2010risk 0.02cvss —epss 0.23
Buffer overflow in Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote…
- CVE-2010-1901Aug 11, 2010risk 0.02cvss —epss 0.19
Microsoft Office Word 2002 SP3, 2003 SP3, and 2007 SP2; Microsoft Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Word Viewer; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly handle unspecified…
- CVE-2009-3126Oct 14, 2009risk 0.02cvss —epss 0.23
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003…
- CVE-2009-2528Oct 14, 2009risk 0.02cvss —epss 0.20
GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Memory Corruption Vulnerability."
- CVE-2009-2504Oct 14, 2009risk 0.02cvss —epss 0.21
Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and…
- CVE-2009-2503Oct 14, 2009risk 0.02cvss —epss 0.22
GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer…
- CVE-2009-2501Oct 14, 2009risk 0.02cvss —epss 0.27
Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel…
- CVE-2009-2500Oct 14, 2009risk 0.02cvss —epss 0.24
Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003…
- CVE-2008-4031Dec 10, 2008risk 0.02cvss —epss 0.23
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format…
- CVE-2008-4030Dec 10, 2008risk 0.02cvss —epss 0.23
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via…
- CVE-2008-4026Dec 10, 2008risk 0.02cvss —epss 0.23
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow…
- CVE-2008-4024Dec 10, 2008risk 0.02cvss —epss 0.29
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary…
Page 5 of 6