Microsoft

Office

1029 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 30.31%
  • Veröffentlicht 12.08.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:54:56

Microsoft Office 2000 SP3 and XP SP3; Office Converter Pack; and Works 8 do not properly parse the length of a BMP file, which allows remote attackers to execute arbitrary code via a crafted BMP file, aka the "Malformed BMP Filter Vulnerability."

  • EPSS 35.91%
  • Veröffentlicht 12.08.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:54:56

Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 do not properly parse the length of a PICT file, which allows remote attackers to execute arbitrary code via a crafted PICT file with an invalid bits_per_pixel field,...

  • EPSS 32.17%
  • Veröffentlicht 12.08.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:55:52

WPGIMP32.FLT in Microsoft Office 2000 SP3, XP SP3, and 2003 SP2; Office Converter Pack; and Works 8 does not properly parse the length of a WordPerfect Graphics (WPG) file, which allows remote attackers to execute arbitrary code via a crafted WPG fil...

  • EPSS 17.4%
  • Veröffentlicht 07.07.2008 23:41:00
  • Zuletzt bearbeitet 16.06.2026 22:55:01

Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) si...

  • EPSS 30.87%
  • Veröffentlicht 13.05.2008 22:20:00
  • Zuletzt bearbeitet 16.06.2026 22:48:58

Unspecified vulnerability in Microsoft Publisher in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 SP1 and earlier allows remote attackers to execute arbitrary code via a Publisher file with crafted object header data that triggers memory corrupt...

  • EPSS 40.51%
  • Veröffentlicht 13.05.2008 22:20:00
  • Zuletzt bearbeitet 16.06.2026 22:50:58

Unspecified vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via a Rich Text Format (.rtf) file with a malformed string that triggers...

  • EPSS 30.87%
  • Veröffentlicht 13.05.2008 22:20:00
  • Zuletzt bearbeitet 16.06.2026 22:51:43

Use-after-free vulnerability in Microsoft Word in Office 2000 and XP SP3, 2003 SP2 and SP3, and 2007 Office System SP1 and earlier allows remote attackers to execute arbitrary code via an HTML document with a large number of Cascading Style Sheets (C...

Exploit
  • EPSS 52.03%
  • Veröffentlicht 21.04.2008 17:05:00
  • Zuletzt bearbeitet 16.06.2026 22:52:42

A certain ActiveX control in WkImgSrv.dll 7.03.0616.0, as distributed in Microsoft Works 7 and Microsoft Office 2003 and 2007, allows remote attackers to execute arbitrary code or cause a denial of service (browser crash) via an invalid WksPictureInt...

  • EPSS 32.11%
  • Veröffentlicht 08.04.2008 23:05:00
  • Zuletzt bearbeitet 16.06.2026 22:50:58

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a Visio file containing crafted object header data, aka "Visio Object Header Vulnerability...

  • EPSS 32.11%
  • Veröffentlicht 08.04.2008 23:05:00
  • Zuletzt bearbeitet 16.06.2026 22:50:58

Unspecified vulnerability in Microsoft Visio 2002 SP2, 2003 SP2 and SP3, and 2007 up to SP1 allows user-assisted remote attackers to execute arbitrary code via a crafted .DXF file, aka "Visio Memory Validation Vulnerability."