Microsoft

Office

952 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2014-6362

  • EPSS 32.35%
  • Published 11.02.2015 02:59:04
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in Microsoft Office 2007 SP3, 2010 SP2, and 2013 Gold and SP1 allows remote attackers to bypass the ASLR protection mechanism via a crafted document, aka "Microsoft Office Component Use After Free Vulnerability."

9.3

CVE-2014-6364

  • EPSS 31.74%
  • Published 11.12.2014 00:59:14
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in Microsoft Office 2007 SP3; 2010 SP2; 2013 Gold, SP1, and SP2; and 2013 RT Gold and SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Component Use After Free Vul...

9.3

CVE-2014-6357

  • EPSS 55.66%
  • Published 11.12.2014 00:59:10
  • Last modified 12.04.2025 10:46:40

Use-after-free vulnerability in Microsoft Office 2010 SP2, Office 2013 Gold and SP1, Office 2013 RT Gold and SP1, Office for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 Gold an...

9.3

CVE-2014-4117

  • EPSS 35.71%
  • Published 15.10.2014 10:55:07
  • Last modified 12.04.2025 10:46:40

Microsoft Office 2007 SP3, Word 2007 SP3, Office 2010 SP1 and SP2, Word 2010 SP1 and SP2, Office for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1 and SP2, and Word Web Apps 2010 Gold, SP1, and SP2 al...

9.3

CVE-2006-1318

  • EPSS 18.06%
  • Published 19.09.2014 10:55:03
  • Last modified 12.04.2025 10:46:40

Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, Office 2004 for Mac, and Office X for Mac do not properly parse record lengths, which allows remote attackers to execute arbitrary code via a malformed control in an Office document, ...

9.3

CVE-2014-1756

  • EPSS 20.08%
  • Published 14.05.2014 11:13:06
  • Last modified 12.04.2025 10:46:40

Untrusted search path vulnerability in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1, when the Simplified Chinese Proofing Tool is enabled, allows local users to gain privileges via a Trojan horse DLL in the current ...

4.3

CVE-2014-1808

  • EPSS 14.71%
  • Published 14.05.2014 11:13:06
  • Last modified 12.04.2025 10:46:40

Microsoft Office 2013 Gold, SP1, RT, and RT SP1 allows remote attackers to obtain sensitive token information via a web site that sends a crafted response during opening of an Office document, aka "Token Reuse Vulnerability."

6.8

CVE-2014-1809

  • EPSS 9.95%
  • Published 14.05.2014 11:13:06
  • Last modified 12.04.2025 10:46:40

The MSCOMCTL library in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013 Gold, SP1, RT, and RT SP1 makes it easier for remote attackers to bypass the ASLR protection mechanism via a crafted web site, as exploited in the wild in May 2014, aka "MS...

5

CVE-2014-2730

  • EPSS 9.29%
  • Published 05.04.2014 14:55:04
  • Last modified 12.04.2025 10:46:40

The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption and persisten...

9.3

CVE-2014-1761

Warning
  • EPSS 92.83%
  • Published 25.03.2014 13:24:01
  • Last modified 12.04.2025 10:46:40

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Of...