Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Word
(Microsoft)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 218 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2006-10-10 | CVE-2006-3651 | Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693. | Office, Word | N/A | ||
| 2006-02-28 | CVE-2006-0935 | Microsoft Word 2003 allows remote attackers to cause a denial of service (application crash) via a crafted file, as demonstrated by 101_filefuzz. | Word | N/A | ||
| 2005-05-20 | CVE-2005-1683 | Buffer overflow in winword.exe 10.2627.6714 and earlier in Microsoft Word for the Macintosh, before SP3 for Word 2002, allows remote attackers to cause a denial of service and possibly execute arbitrary code via a crafted mcw file. | Word | N/A | ||
| 2005-07-12 | CVE-2005-0564 | Stack-based buffer overflow in Microsoft Word 2000 and Word 2002, and Microsoft Works Suites 2000 through 2004, might allow remote attackers to execute arbitrary code via a .doc file with long font information. | Word | N/A | ||
| 2005-05-02 | CVE-2005-0558 | Buffer overflow in Microsoft Word 2000, Word 2002, and Word 2003 allows remote attackers to execute arbitrary code via a crafted document. | Word | N/A | ||
| 2005-02-09 | CVE-2004-0963 | Buffer overflow in Microsoft Word 2002 (10.6612.6714) SP3, and possibly other versions, allows remote attackers to cause a denial of service (application exception) and possibly execute arbitrary code in winword.exe via certain unexpected values in a .doc file, including (1) an offset that triggers an out-of-bounds memory access, (2) a certain value that causes a large memory copy as triggered by an integer conversion error, and other values. | Word | N/A | ||
| 2005-02-08 | CVE-2004-0848 | Buffer overflow in Microsoft Office XP allows remote attackers to execute arbitrary code via a link with a URL file location containing long inputs after (1) "%00 (null byte) in .doc filenames or (2) "%0a" (carriage return) in .rtf filenames. | Office, Powerpoint, Project, Visio, Word, Works | N/A | ||
| 2004-09-28 | CVE-2004-0573 | Buffer overflow in the converter for Microsoft WordPerfect 5.x on Office 2000, Office XP, Office 2003, and Works Suites 2001 through 2004 allows remote attackers to execute arbitrary code via a malicious document or website. | Frontpage, Office, Publisher, Word, Works | N/A | ||
| 2004-09-28 | CVE-2004-0200 | Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. | \.net_framework, Digital_image_pro, Digital_image_suite, Excel, Frontpage, Greetings, Infopath, Office, Onenote, Outlook, Picture_it, Powerpoint, Producer, Project, Publisher, Visio, Visual_basic, Visual_c\#, Visual_c\+\+, Visual_j\#_\.net, Visual_studio_\.net, Windows_2003_server, Windows_xp, Word | N/A | ||
| 2003-12-15 | CVE-2003-0821 | Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model. | Word, Works | N/A |