| CVE |
Vendors |
Products |
Updated |
CVSS v3.1 |
| Use after free in Microsoft Office allows an unauthorized attacker to execute code locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Microsoft Office Word Tampering Vulnerability |
| Microsoft Word Information Disclosure Vulnerability |
| Improper access control in Microsoft Office allows an unauthorized attacker to perform spoofing locally. |
| Microsoft Office Security Feature Bypass Vulnerability |
| Microsoft Word Information Disclosure Vulnerability |
| Microsoft Word Remote Code Execution Vulnerability |
| Microsoft Office Remote Code Execution Vulnerability |
| Microsoft Word Security Feature Bypass Vulnerability |
| Microsoft Office Security Feature Bypass Vulnerability |
| Files or directories accessible to external parties in Microsoft Office Word allows an unauthorized attacker to disclose information locally. |
| Access of resource using incompatible type ('type confusion') in Microsoft Office Word allows an unauthorized attacker to execute code locally. |
| Improper access control in Microsoft Office Word allows an authorized attacker to perform spoofing locally. |
| Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow. |
| Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability." |
| Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are obtained from third party information. |
| Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word file, a different issue than CVE-2006-3647 and CVE-2006-3651. |
