Filtered by vendor Microsoft
Subscribe
Total
21800 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2008-0111 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2018-10-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via crafted data validation records, aka "Excel Data Validation Record Vulnerability." | |||||
| CVE-2007-3891 | 1 Microsoft | 1 Windows Vista | 2018-10-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Windows Vista Weather Gadgets in Windows Vista allows remote attackers to execute arbitrary code via crafted HTML attributes. | |||||
| CVE-2008-0114 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2018-10-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote attackers to execute arbitrary code via crafted Style records that trigger memory corruption. | |||||
| CVE-2007-3890 | 1 Microsoft | 2 Excel, Office | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Excel in Office 2000 SP3, Office XP SP3, Office 2003 SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a Workspace with a certain index value that triggers memory corruption. | |||||
| CVE-2008-0105 | 1 Microsoft | 2 Office, Works | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Works 6 File Converter, as used in Office 2003 SP2 and SP3, Works 8.0, and Works Suite 2005, allows remote attackers to execute arbitrary code via a .wps file with crafted section header index table information, aka "Microsoft Works File Converter Index Table Vulnerability." | |||||
| CVE-2008-0084 | 1 Microsoft | 1 Windows Vista | 2018-10-12 | 7.8 HIGH | N/A |
| Unspecified vulnerability in the TCP/IP support in Microsoft Windows Vista allows remote DHCP servers to cause a denial of service (hang and restart) via a crafted DHCP packet. | |||||
| CVE-2007-3032 | 1 Microsoft | 1 Windows Vista | 2018-10-12 | 6.8 MEDIUM | N/A |
| Unspecified vulnerability in Windows Vista Contacts Gadget in Windows Vista allows user-assisted remote attackers to execute arbitrary code via crafted contact information that is not properly handled when it is imported. | |||||
| CVE-2007-3033 | 1 Microsoft | 1 Windows Vista | 2018-10-12 | 4.3 MEDIUM | N/A |
| Cross-site scripting (XSS) vulnerability in Windows Vista Feed Headlines Gadget (aka Sidebar RSS Feeds Gadget) in Windows Vista allows user-assisted remote attackers to execute arbitrary code via an RSS feed with crafted HTML attributes, which are not properly removed and are rendered in the local zone. | |||||
| CVE-2007-1201 | 1 Microsoft | 5 Biztalk Server, Commerce Server, Internet Security And Acceleration Server and 2 more | 2018-10-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attackers to execute arbitrary code via vectors related to DataSource that trigger memory corruption, aka "Office Web Components DataSource Vulnerability." | |||||
| CVE-2007-3030 | 1 Microsoft | 2 Excel, Excel Viewer | 2018-10-12 | 7.6 HIGH | N/A |
| Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a malformed Excel file involving the "denoting [of] the start of a Workspace designation", which results in memory corruption, aka the "Workbook Memory Corruption Vulnerability". | |||||
| CVE-2007-2931 | 1 Microsoft | 2 Msn Messenger, Windows Live Messenger | 2018-10-12 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Microsoft MSN Messenger 6.2, 7.0, and 7.5, and Live Messenger 8.0 allows user-assisted remote attackers to execute arbitrary code via unspecified vectors involving video conversation handling in Web Cam and video chat sessions. | |||||
| CVE-2007-3036 | 1 Microsoft | 5 Windows 2000, Windows 2003 Server, Windows Services For Unix and 2 more | 2018-10-12 | 6.9 MEDIUM | N/A |
| Unspecified vulnerability in the (1) Windows Services for UNIX 3.0 and 3.5, and (2) Subsystem for UNIX-based Applications in Microsoft Windows 2000, XP, Server 2003, and Vista allows local users to gain privileges via unspecified vectors related to "certain setuid binary files." | |||||
| CVE-2007-0948 | 1 Microsoft | 2 Virtual Pc, Virtual Server | 2018-10-12 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Microsoft Virtual PC 2004 and PC for Mac 7.1 and 7, and Virtual Server 2005 and 2005 R2, allows local guest OS administrators to execute arbitrary code on the host OS via unspecified vectors related to "interaction and initialization of components." | |||||
| CVE-2007-0515 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2018-10-12 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. | |||||
| CVE-2007-0209 | 1 Microsoft | 2 Office, Works | 2018-10-12 | 9.3 HIGH | N/A |
| Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a Word file with a malformed drawing object, which leads to memory corruption. | |||||
| CVE-2007-0065 | 1 Microsoft | 6 Office, Visual Basic, Windows 2000 and 3 more | 2018-10-12 | 10.0 HIGH | N/A |
| Heap-based buffer overflow in Object Linking and Embedding (OLE) Automation in Microsoft Windows 2000 SP4, XP SP2, Server 2003 SP1 and SP2, Vista, Office 2004 for Mac, and Visual basic 6.0 SP6 allows remote attackers to execute arbitrary code via a crafted script request. | |||||
| CVE-2007-0214 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-12 | 9.3 HIGH | N/A |
| The HTML Help ActiveX control (Hhctrl.ocx) in Microsoft Windows 2000 SP3, XP SP2 and Professional, 2003 SP1 allows remote attackers to execute arbitrary code via unspecified functions, related to uninitialized parameters. | |||||
| CVE-2007-0675 | 1 Microsoft | 1 Windows Vista | 2018-10-12 | 7.6 HIGH | N/A |
| A certain ActiveX control in sapi.dll (aka the Speech API) in Speech Components in Microsoft Windows Vista, when the Speech Recognition feature is enabled, allows user-assisted remote attackers to delete arbitrary files, and conduct other unauthorized activities, via a web page with an embedded sound object that contains voice commands to an enabled microphone, allowing for interaction with Windows Explorer. | |||||
| CVE-2007-0211 | 1 Microsoft | 2 Windows 2003 Server, Windows Xp | 2018-10-12 | 7.2 HIGH | N/A |
| The hardware detection functionality in the Windows Shell in Microsoft Windows XP SP2 and Professional, and Server 2003 SP1 allows local users to gain privileges via an unvalidated parameter to a function related to the "detection and registration of new hardware." | |||||
| CVE-2007-0026 | 1 Microsoft | 3 Windows 2000, Windows 2003 Server, Windows Xp | 2018-10-12 | 7.6 HIGH | N/A |
| The OLE Dialog component in Microsoft Windows 2000 SP4, XP SP2, and 2003 SP1 allows user-assisted remote attackers to execute arbitrary code via an RTF file with a malformed OLE object that triggers memory corruption. | |||||