Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Access
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 19 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2020-08-17 | CVE-2020-1582 | A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.... | 365_apps, Access, Office | 7.8 | ||
2000-10-20 | CVE-2000-0788 | The Mail Merge tool in Microsoft Word does not prompt the user before executing Visual Basic (VBA) scripts in an Access database, which could allow an attacker to execute arbitrary commands. | Access, Word | N/A | ||
2020-04-15 | CVE-2020-0760 | A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. | Access, Excel, Office, Office_365_proplus, Outlook, Powerpoint, Project, Publisher, Visio, Word | 8.8 | ||
2018-03-14 | CVE-2018-0903 | Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability". | Access, Office | 7.8 | ||
2018-07-10 | CVE-2018-8312 | A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory, aka "Microsoft Access Remote Code Execution Vulnerability." This affects Microsoft Access, Microsoft Office. | Access, Office | 7.8 | ||
2015-11-11 | CVE-2015-2503 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1,... | Access, Excel, Infopath, Lync, Office_2007_ime, Onenote, Pinyin_ime, Powerpoint, Project, Project_server, Publisher, Skype_for_business, Visio, Word | N/A | ||
2013-09-11 | CVE-2013-3157 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3155. | Access | N/A | ||
2013-09-11 | CVE-2013-3156 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability." | Access | N/A | ||
2013-09-11 | CVE-2013-3155 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3157. | Access | N/A | ||
2010-07-15 | CVE-2010-1881 | The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka "ACCWIZ.dll Uninitialized Variable Vulnerability." | Access | N/A |