Download
| Alert*
oval:org.mitre.oval:def:481
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875. oval:org.mitre.oval:def:486 Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867. oval:org.mitre.oval:def:431 Buffer overflow in certain Asian language versions of Microsoft Excel might allow user-assisted attackers to execute arbitrary code via a crafted STYLE record in a spreadsheet that triggers the overflow when the user attempts to repair the document or selects the "Style" option, as demonstrated by n ... oval:org.mitre.oval:def:439 The application Microsoft Excel Viewer 2003 is installed. oval:org.mitre.oval:def:537 Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086. oval:org.mitre.oval:def:379 Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability." oval:org.mitre.oval:def:2064 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a crafted AutoFilter filter record in an Excel BIFF8 format XLS file, which triggers memory corruption. oval:org.mitre.oval:def:243 Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value. oval:org.mitre.oval:def:950 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability." oval:org.mitre.oval:def:557 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302. oval:org.mitre.oval:def:545 Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation." oval:org.mitre.oval:def:752 Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption. oval:org.mitre.oval:def:234 Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process. oval:org.mitre.oval:def:1102 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability." oval:org.mitre.oval:def:323 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory. oval:org.mitre.oval:def:1971 Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption. oval:org.mitre.oval:def:2014 Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a crafted set font value in an Excel file, which results in memory corruption. oval:org.mitre.oval:def:2123 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which allows user-assisted remote attackers to execute arbitrary code via a crafted Excel file, aka "Calculation Error Vulnerability". oval:org.mitre.oval:def:1709 Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnera ... oval:org.mitre.oval:def:2149 Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption. oval:org.mitre.oval:def:570 Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an XLS file, a different vulnerability than CVE-2006-3867 ... oval:org.mitre.oval:def:768 Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an ear ... oval:org.mitre.oval:def:6521 Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows rem ... oval:org.mitre.oval:def:5556 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote at ... oval:org.mitre.oval:def:5830 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; and Microsoft Office Excel Viewer 2003 SP3 allow remote attackers to execute arbitrary code via a crafted Excel file with a malformed record object, aka "Reco ... oval:org.mitre.oval:def:6526 Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remo ... oval:org.secpod.oval:def:2994 The host is missing a critical security update according to Microsoft security bulletin, MS08-074. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office Excel, which fails to properly handle specially crafted Excel file. Successful exploitatio ... oval:org.secpod.oval:def:2632 The host is missing an important security update according to Microsoft bulletin, MS08-043. The update is required to fix a remote code execution vulnerability. The flaws are present in the Excel parses record values, index values and array index when loading Excel files into memory and when data co ... oval:org.mitre.oval:def:5421 Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code via an Excel document with malformed cell comments that trigger memory corruption from an "allocation error," aka "Microsoft Office Cell Parsing Memory Corruption ... oval:org.mitre.oval:def:6474 Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a spreadsheet with a malformed record object, aka "Excel SxView Memory Corruption Vulnerability." oval:org.mitre.oval:def:6518 Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allow remo ... oval:org.secpod.oval:def:2285 The host is missing a critical security update according to Microsoft security bulletin, MS09-067. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Office Excel, which fails to handle malformed records. Successful exploitation allows an atta ... oval:org.mitre.oval:def:6102 Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office SharePoint Server 2007 Gold and SP ... oval:org.mitre.oval:def:5808 Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Excel spreadsheet with a NAME record that contains an ... oval:org.mitre.oval:def:6178 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility P ... oval:org.mitre.oval:def:5925 Integer overflow in Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; Microsoft Office ... oval:org.mitre.oval:def:5885 Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP2 and SP3; Office Excel Viewer 2003; and Office 2004 and 2008 for Mac do not properly validate index values for AxesSet records when loading Excel files, which allows remote attackers to execute arbitrary code via a crafted Excel file, aka the "E ... oval:org.secpod.oval:def:2293 The host is missing a critical security update according to Microsoft security bulletin, MS09-009. The update is required to fix remote code execution vulnerabilities in Microsoft Office Excel. The flaws are present in the Microsoft Office Excel, which fails handle a specially crafted Excel file. Su ... oval:org.mitre.oval:def:5750 Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3; Office Excel Viewer; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File For ... oval:org.mitre.oval:def:5114 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." oval:org.mitre.oval:def:6043 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel in Microsoft Office 2004 and 2008 for Mac; Microsoft Office Excel Viewer and Excel Viewer 2003 SP3; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 do not properly parse the Excel s ... oval:org.mitre.oval:def:5878 Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer 2003 SP3; Office Excel Viewer SP1 and SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 do not pro ... oval:org.mitre.oval:def:5512 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via malformed formulas, aka "Excel Formula Parsing Vulnerability." oval:org.secpod.oval:def:2369 The host is missing a critical security update according to Microsoft security bulletin, MS09-021. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Office Excel, which fails to handle a specially crafted Excel file that includes a malformed ... oval:org.mitre.oval:def:6146 Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer 2003 SP3 do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Cache Memory ... oval:org.mitre.oval:def:5212 Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote attackers to execute arbitrary code via malformed tags in rich text, aka "Excel Rich Text Validation Vulnerability." oval:org.mitre.oval:def:5456 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. oval:org.mitre.oval:def:5564 Excel in Microsoft Office 2000 SP3, Office XP SP3, Office 2003 SP3, and Office 2004 and 2008 for Mac; Excel in 2007 Microsoft Office System SP1 and SP2; Open XML File Format Converter for Mac; Microsoft Office Excel Viewer 2003 SP3; Microsoft Office Excel Viewer; and Microsoft Office Compatibility P ... oval:org.mitre.oval:def:5561 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 Gold and SP3; Office Excel Viewer; Office Compatibility Pack 2007 Gold and SP1; Office SharePoint Server 2007 Gold and SP1; and Office 2004 and 2008 for Mac do not properly parse Country reco ... oval:org.mitre.oval:def:5968 Microsoft Office Excel 2000 SP3, 2002 SP3, 2003 SP3, and 2007 SP1; Excel Viewer 2003 Gold and SP3; Excel Viewer; Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1; and Excel in Microsoft Office 2004 and 2008 for Mac allow remote attackers to execute arbitrary code via a crafte ... oval:org.secpod.oval:def:2663 The host is missing a critical security update according to Microsoft security bulletin, MS09-062. The update is required to fix remote code execution vulnerabilities. The flaws are present in the Microsoft Windows GDI+, which fails to validate data within GDI+ when rendering WMF images and improper ... oval:org.secpod.oval:def:2583 The host is missing a critical security update according to Microsoft security bulletin, MS08-057. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the application which fails to properly handle specially crafted Excel file. Successful exploitati ... oval:org.secpod.oval:def:2637 The host is missing an important security update according to Microsoft bulletin, MS08-014. The update is required to fix a remote code execution vulnerability. A flaw is present in the way excel processes data validation records when loading Excel files into memory. Successfully exploitation could ... oval:org.mitre.oval:def:5546 Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted macros, aka "Macro Validation Vulnerability," a different vulnerability than CVE-2007-3490. oval:org.mitre.oval:def:6491 GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Off ... oval:org.mitre.oval:def:279 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with a malformed property that triggers memory corruption related to record lengths, "Microsoft Office Prop ... oval:org.mitre.oval:def:5898 Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office Ex ... oval:org.mitre.oval:def:301 Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. oval:org.mitre.oval:def:389 Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption. oval:org.mitre.oval:def:5800 Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3 ... oval:org.mitre.oval:def:6282 Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2 and SP3, Windows Server 2003 SP2, Vista Gold and SP1, Server 2008 Gold, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project ... oval:org.mitre.oval:def:632 Unspecified vulnerability in mso.dll in Microsoft Office 2000, XP, and 2003, and Microsoft PowerPoint 2000, XP, and 2003, allows remote user-assisted attackers to execute arbitrary code via a malformed record in a (1) .DOC, (2) .PPT, or (3) .XLS file that triggers memory corruption, related to an "a ... oval:org.mitre.oval:def:639 MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record with a malformed string, as demonstrated by replacing a c ... oval:org.mitre.oval:def:1090 The RichEdit component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1; Office 2000 SP3, XP SP3, 2003 SP2, and Office 2004 for Mac; and Learning Essentials for Microsoft Office 1.0, 1.1, and 1.5 allows user-assisted remote attackers to execute arbitrary code via a malformed OLE object in an RTF ... oval:org.mitre.oval:def:222 Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record that triggers an overwrite of pointer values with value ... oval:org.mitre.oval:def:2051 Unspecified vulnerability in MSO.dll in Microsoft Office 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and 2007 allows user-assisted remote attackers to execute arbitrary code via a malformed drawing object, which triggers memory corruption. oval:org.mitre.oval:def:6134 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E ... oval:org.mitre.oval:def:5967 Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Office Project 2002 SP1, Visio 2002 SP2, Office Word Viewer, Word Viewer 2003 Gold and SP3, Office Excel Viewer 2003 Gold and SP3, Office E ... oval:org.secpod.oval:def:2725 The host is missing a critical security update according to Microsoft security bulletin, MS08-016. The update is required to fix remote code execution vulnerabilities. The flaws are present in Microsoft Office, which fails to handle a malformed Office file. Successful exploitation could allow an att ... oval:org.mitre.oval:def:918 Unspecified vulnerability in Microsoft Office 2003 SP1 and SP2, Office XP SP3, Office 2000 SP3, and other products, allows user-assisted attackers to execute arbitrary code via an Office file with malformed string that triggers memory corruption related to record lengths, "Microsoft Office Parsing ... oval:org.mitre.oval:def:740 Unspecified vulnerability in Microsoft Office XP and 2003 allows remote user-assisted attackers to execute arbitrary code via a malformed Smart Tag. |