Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Access
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2013-09-11 | CVE-2013-3157 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3155. | Access | N/A | ||
| 2013-09-11 | CVE-2013-3156 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access File Format Memory Corruption Vulnerability." | Access | N/A | ||
| 2013-09-11 | CVE-2013-3155 | Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file, aka "Access Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3157. | Access | N/A | ||
| 2010-07-15 | CVE-2010-1881 | The FieldList ActiveX control in the Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 does not properly interact with the memory-access approach used by Internet Explorer and Office during instantiation, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an HTML document that references this control along with crafted persistent storage data, aka "ACCWIZ.dll Uninitialized Variable Vulnerability." | Access | N/A | ||
| 2010-07-15 | CVE-2010-0814 | The Microsoft Access Wizard Controls in ACCWIZ.dll in Microsoft Office Access 2003 SP3 and 2007 SP1 and SP2 do not properly interact with the memory-allocation approach used by Internet Explorer during instantiation, which allows remote attackers to execute arbitrary code via a web site that references multiple ActiveX controls, as demonstrated by the ImexGrid and FieldList controls, aka "Access ActiveX Control Vulnerability." | Access | N/A | ||
| 2008-07-07 | CVE-2008-3068 | Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. | Access, Excel, Frontpage, Groove, Infopath, Office, Office_communicator, Onenote, Outlook, Powerpoint, Project_professional, Project_standard, Publisher, Sharepoint_designer, Visio_professional, Visio_standard, Windows_live_mail | N/A | ||
| 2008-03-06 | CVE-2008-1200 | Unspecified vulnerability in Microsoft Access allows remote user-assisted attackers to execute arbitrary code via a crafted .MDB file, possibly related to Jet Engine (msjet40.dll). NOTE: this is probably a different issue than CVE-2007-6026. | Access, Jet | N/A | ||
| 2007-12-15 | CVE-2007-6357 | Stack-based buffer overflow in Microsoft Office Access allows remote, user-assisted attackers to execute arbitrary code via a crafted Microsoft Access Database (.mdb) file. NOTE: due to the lack of details as of 20071210, it is not clear whether this issue is the same as CVE-2007-6026 or CVE-2005-0944. | Access | N/A | ||
| 2007-02-03 | CVE-2007-0671 | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. | Access, Excel, Excel_viewer, Frontpage, Infopath, Office, Onenote, Outlook, Powerpoint, Project, Publisher, Visio, Word, Word_viewer | N/A | ||
| 2006-10-10 | CVE-2006-3877 | Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. | Access, Excel, Excel_viewer, Frontpage, Infopath, Office, Onenote, Outlook, Powerpoint, Project, Publisher, Visio, Word, Word_viewer | N/A |