Excel 2007 SP3
by Microsoft
CVEs (155)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2011-3403 | 0.02 | — | 0.21 | Dec 14, 2011 | Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability." | |||
| CVE-2010-3241 | 0.02 | — | 0.21 | Oct 13, 2010 | Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in… | |||
| CVE-2010-3240 | 0.02 | — | 0.21 | Oct 13, 2010 | Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka… | |||
| CVE-2009-3134 | 0.02 | — | 0.26 | Nov 11, 2009 | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats… | |||
| CVE-2009-3130 | 0.02 | — | 0.29 | Nov 11, 2009 | Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers… | |||
| CVE-2015-6177 | 0.01 | — | 0.14 | Dec 9, 2015 | Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||
| CVE-2014-6361 | 0.01 | — | 0.13 | Dec 11, 2014 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execution Vulnerability." | |||
| CVE-2014-6360 | 0.01 | — | 0.13 | Dec 11, 2014 | Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability." | |||
| CVE-2026-26109 | 0.00 | — | 0.00 | Mar 10, 2026 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26108 | 0.00 | — | 0.00 | Mar 10, 2026 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26107 | 0.00 | — | 0.00 | Mar 10, 2026 | Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-26112 | 0.00 | — | 0.00 | Mar 10, 2026 | Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally. | |||
| CVE-2026-21261 | 0.00 | — | 0.01 | Feb 10, 2026 | Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-21258 | 0.00 | — | 0.01 | Feb 10, 2026 | Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally. | |||
| CVE-2026-21259 | 0.00 | — | 0.01 | Feb 10, 2026 | Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally. |
- CVE-2011-3403Dec 14, 2011risk 0.02cvss —epss 0.21
Microsoft Excel 2003 SP3 and Office 2004 for Mac do not properly handle objects in memory, which allows remote attackers to execute arbitrary code via a crafted Excel spreadsheet, aka "Record Memory Corruption Vulnerability."
- CVE-2010-3241Oct 13, 2010risk 0.02cvss —epss 0.21
Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate binary file-format information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Out-of-Bounds Memory Write in…
- CVE-2010-3240Oct 13, 2010risk 0.02cvss —epss 0.21
Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka…
- CVE-2009-3134Nov 11, 2009risk 0.02cvss —epss 0.26
Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats…
- CVE-2009-3130Nov 11, 2009risk 0.02cvss —epss 0.29
Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via a spreadsheet containing a malformed Binary File Format (aka BIFF) record that triggers…
- CVE-2015-6177Dec 9, 2015risk 0.01cvss —epss 0.14
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
- CVE-2014-6361Dec 11, 2014risk 0.01cvss —epss 0.13
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execution Vulnerability."
- CVE-2014-6360Dec 11, 2014risk 0.01cvss —epss 0.13
Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability."
- CVE-2026-26109Mar 10, 2026risk 0.00cvss —epss 0.00
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26108Mar 10, 2026risk 0.00cvss —epss 0.00
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26107Mar 10, 2026risk 0.00cvss —epss 0.00
Use after free in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-26112Mar 10, 2026risk 0.00cvss —epss 0.00
Untrusted pointer dereference in Microsoft Office Excel allows an unauthorized attacker to execute code locally.
- CVE-2026-21261Feb 10, 2026risk 0.00cvss —epss 0.01
Out-of-bounds read in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
- CVE-2026-21258Feb 10, 2026risk 0.00cvss —epss 0.01
Improper input validation in Microsoft Office Excel allows an unauthorized attacker to disclose information locally.
- CVE-2026-21259Feb 10, 2026risk 0.00cvss —epss 0.01
Heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to elevate privileges locally.
Page 8 of 8