Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Excel
(Microsoft)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 323 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2024-09-10 | CVE-2024-43465 | Microsoft Excel Elevation of Privilege Vulnerability | 365_apps, Excel, Office, Office_long_term_servicing_channel, Office_online_server | 7.8 | ||
2016-12-20 | CVE-2016-7262 | Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Viewer allow user-assisted remote attackers to execute arbitrary commands via a crafted cell that is mishandled upon a click, aka "Microsoft Office Security Feature Bypass Vulnerability." | Excel, Excel_viewer, Office_compatibility_pack | 7.8 | ||
2008-01-16 | CVE-2008-0081 | Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. | Excel, Excel_viewer, Office | 9.8 | ||
2010-03-10 | CVE-2010-0258 | Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that causes memory to be interpreted as a different object type than intended, aka "Microsoft Office Excel... | Excel, Office, Office_compatibility_pack, Office_excel_viewer, Office_sharepoint_server, Open_xml_file_format_converter | 7.8 | ||
1999-05-07 | CVE-1999-0717 | A remote attacker can disable the virus warning mechanism in Microsoft Excel 97. | Excel, Windows_2000, Windows_95, Windows_98, Windows_nt | N/A | ||
1999-10-01 | CVE-1999-0794 | Microsoft Excel does not warn a user when a macro is present in a Symbolic Link (SYLK) format file. | Excel, Office | N/A | ||
2000-06-27 | CVE-2000-0597 | Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability. | Excel, Powerpoint | N/A | ||
2000-07-26 | CVE-2000-0637 | Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability. | Excel | N/A | ||
2002-08-12 | CVE-2002-0618 | The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution". | Excel, Office | N/A | ||
2005-12-09 | CVE-2005-4131 | Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538. | Excel | N/A |