Excel 2007 SP3
by Microsoft
CVEs (161)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-2520 | 0.09 | — | 0.69 | Sep 9, 2015 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||
| CVE-2012-1887 | 0.05 | — | 0.58 | Nov 14, 2012 | Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability." | |||
| CVE-2011-0979 | 0.05 | — | 0.67 | Feb 10, 2011 | Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers… | |||
| CVE-2023-23399 | 0.04 | — | 0.07 | Mar 14, 2023 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2020-0901 | 0.04 | — | 0.46 | May 21, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | |||
| CVE-2013-3890 | 0.04 | — | 0.53 | Oct 9, 2013 | Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." | |||
| CVE-2010-3241 | 0.04 | — | 0.51 | Oct 13, 2010 | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in… | |||
| CVE-2009-3134 | 0.04 | — | 0.55 | Nov 11, 2009 | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats… | |||
| CVE-2025-47165 | 0.03 | — | 0.01 | Jun 10, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2025-27751 | 0.03 | — | 0.01 | Apr 8, 2025 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2023-33133 | 0.03 | — | 0.37 | Jun 13, 2023 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-33137 | 0.03 | — | 0.03 | Jun 13, 2023 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2023-32029 | 0.03 | — | 0.40 | Jun 13, 2023 | Microsoft Excel Remote Code Execution Vulnerability | |||
| CVE-2020-0906 | 0.03 | — | 0.33 | Apr 15, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979. | |||
| CVE-2020-0760 | 0.03 | — | 0.33 | Apr 15, 2020 | A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. | |||
| CVE-2020-0759 | 0.03 | — | 0.33 | Feb 11, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | |||
| CVE-2020-0650 | 0.03 | — | 0.34 | Jan 14, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653. | |||
| CVE-2020-0651 | 0.03 | — | 0.34 | Jan 14, 2020 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653. | |||
| CVE-2019-1448 | 0.03 | — | 0.38 | Nov 12, 2019 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. | |||
| CVE-2019-1331 | 0.03 | — | 0.38 | Oct 10, 2019 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327. |
- CVE-2015-2520Sep 9, 2015risk 0.09cvss —epss 0.69
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
- CVE-2012-1887Nov 14, 2012risk 0.05cvss —epss 0.58
Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability."
- CVE-2011-0979Feb 10, 2011risk 0.05cvss —epss 0.67
Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and Excel Viewer SP2 do not properly handle errors during the parsing of Office Art records in Excel spreadsheets, which allows remote attackers…
- CVE-2023-23399Mar 14, 2023risk 0.04cvss —epss 0.07
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2020-0901May 21, 2020risk 0.04cvss —epss 0.46
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
- CVE-2013-3890Oct 9, 2013risk 0.04cvss —epss 0.53
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."
- CVE-2010-3241Oct 13, 2010risk 0.04cvss —epss 0.51
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in…
- CVE-2009-3134Nov 11, 2009risk 0.04cvss —epss 0.55
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats…
- CVE-2025-47165Jun 10, 2025risk 0.03cvss —epss 0.01
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2025-27751Apr 8, 2025risk 0.03cvss —epss 0.01
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2023-33133Jun 13, 2023risk 0.03cvss —epss 0.37
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2023-33137Jun 13, 2023risk 0.03cvss —epss 0.03
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2023-32029Jun 13, 2023risk 0.03cvss —epss 0.40
Microsoft Excel Remote Code Execution Vulnerability
- CVE-2020-0906Apr 15, 2020risk 0.03cvss —epss 0.33
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0979.
- CVE-2020-0760Apr 15, 2020risk 0.03cvss —epss 0.33
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
- CVE-2020-0759Feb 11, 2020risk 0.03cvss —epss 0.33
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
- CVE-2020-0650Jan 14, 2020risk 0.03cvss —epss 0.34
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0651, CVE-2020-0653.
- CVE-2020-0651Jan 14, 2020risk 0.03cvss —epss 0.34
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0650, CVE-2020-0653.
- CVE-2019-1448Nov 12, 2019risk 0.03cvss —epss 0.38
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
- CVE-2019-1331Oct 10, 2019risk 0.03cvss —epss 0.38
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1327.
Page 2 of 9