Microsoft

Office

984 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5

CVE-2014-2730

  • EPSS 9.29%
  • Veröffentlicht 05.04.2014 14:55:04
  • Zuletzt bearbeitet 12.04.2025 10:46:40

The XML parser in Microsoft Office 2007 SP3, 2010 SP1 and SP2, and 2013, and Office for Mac 2011, does not properly detect recursion during entity expansion, which allows remote attackers to cause a denial of service (memory consumption and persisten...

9.3

CVE-2014-1761

Warnung
  • EPSS 93.13%
  • Veröffentlicht 25.03.2014 13:24:01
  • Zuletzt bearbeitet 22.10.2025 01:15:55

Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Word Viewer; Office Compatibility Pack SP3; Office for Mac 2011; Word Automation Services on SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Of...

4.3

CVE-2013-5054

  • EPSS 11.42%
  • Veröffentlicht 11.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Microsoft Office 2013 and 2013 RT allows remote attackers to discover authentication tokens via a crafted response to a file-open request for an Office file on a web site, as exploited in the wild in 2013, aka "Token Hijacking Vulnerability."

4.3

CVE-2013-5057

  • EPSS 14.8%
  • Veröffentlicht 11.12.2013 00:55:04
  • Zuletzt bearbeitet 11.04.2025 00:51:21

hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet ...

9.3

CVE-2013-0082

  • EPSS 52.42%
  • Veröffentlicht 13.11.2013 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability."

9.3

CVE-2013-1324

  • EPSS 59.76%
  • Veröffentlicht 13.11.2013 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."

9.3

CVE-2013-1325

  • EPSS 59.76%
  • Veröffentlicht 13.11.2013 00:55:02
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."

9.3

CVE-2013-3906

Warnung Exploit
  • EPSS 92.55%
  • Veröffentlicht 06.11.2013 15:55:05
  • Zuletzt bearbeitet 22.10.2025 01:15:51

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafte...

9.3

CVE-2013-3889

  • EPSS 64.99%
  • Veröffentlicht 09.10.2013 14:53:25
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Serve...

9.3

CVE-2013-1315

Exploit
  • EPSS 73.68%
  • Veröffentlicht 11.09.2013 14:03:48
  • Zuletzt bearbeitet 11.04.2025 00:51:21

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to exec...