Microsoft

Office

952 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2013-5054

  • EPSS 11.42%
  • Published 11.12.2013 00:55:04
  • Last modified 11.04.2025 00:51:21

Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."

4.3

CVE-2013-5057

  • EPSS 14.8%
  • Published 11.12.2013 00:55:04
  • Last modified 11.04.2025 00:51:21

hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet ...

9.3

CVE-2013-0082

  • EPSS 52.42%
  • Published 13.11.2013 00:55:02
  • Last modified 11.04.2025 00:51:21

Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability."

9.3

CVE-2013-1324

  • EPSS 59.76%
  • Published 13.11.2013 00:55:02
  • Last modified 11.04.2025 00:51:21

Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."

9.3

CVE-2013-1325

  • EPSS 59.76%
  • Published 13.11.2013 00:55:02
  • Last modified 11.04.2025 00:51:21

Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."

9.3

CVE-2013-3906

Warning Exploit
  • EPSS 92.75%
  • Published 06.11.2013 15:55:05
  • Last modified 11.04.2025 00:51:21

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafte...

9.3

CVE-2013-3889

  • EPSS 59.51%
  • Published 09.10.2013 14:53:25
  • Last modified 11.04.2025 00:51:21

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Serve...

9.3

CVE-2013-1315

Exploit
  • EPSS 69.34%
  • Published 11.09.2013 14:03:48
  • Last modified 11.04.2025 00:51:21

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec...

5

CVE-2013-3160

  • EPSS 28.56%
  • Published 11.09.2013 14:03:48
  • Last modified 11.04.2025 00:51:21

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XM...

9.3

CVE-2013-3853

  • EPSS 52.85%
  • Published 11.09.2013 14:03:48
  • Last modified 11.04.2025 00:51:21

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CV...