Total
345 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2012-1887 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1, and Office 2008 and 2011 for Mac, allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SST Invalid Length Use After Free Vulnerability." | |||||
| CVE-2013-3159 | 1 Microsoft | 1 Excel | 2025-04-11 | 4.3 MEDIUM | N/A |
| Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability." | |||||
| CVE-2011-1275 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3; Office 2004, 2008, and 2011 for Mac; and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Memory Heap Overwrite Vulnerability." | |||||
| CVE-2012-5672 | 1 Microsoft | 3 Excel, Excel Viewer, Office | 2025-04-11 | 4.3 MEDIUM | N/A |
| Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of service (read access violation and application crash) via a crafted spreadsheet file, as demonstrated by a .xls file with battery voltage data. | |||||
| CVE-2010-0262 | 1 Microsoft | 6 Excel, Office, Office Compatibility Pack and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Office Excel 2007 SP1 and SP2 and Office 2004 for Mac do not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers access of an uninitialized stack variable, aka "Microsoft Office Excel FNGROUPNAME Record Uninitialized Memory Vulnerability." | |||||
| CVE-2011-0105 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac obtain a certain length value from an uninitialized memory location, which allows remote attackers to trigger a buffer overflow and execute arbitrary code via a crafted Excel file, aka "Excel Data Initialization Vulnerability." | |||||
| CVE-2011-0101 | 1 Microsoft | 1 Excel | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted RealTimeData record, related to a stTopic field, double-byte characters, and an incorrect pointer calculation, aka "Excel Record Parsing WriteAV Vulnerability." | |||||
| CVE-2012-0184 | 1 Microsoft | 4 Excel, Excel Viewer, Office and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and SP3 do not properly handle memory during the opening of files, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel SXLI Record Memory Corruption Vulnerability." | |||||
| CVE-2012-0185 | 1 Microsoft | 3 Excel, Excel Viewer, Office Compatibility Pack | 2025-04-11 | 9.3 HIGH | N/A |
| Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet that triggers incorrect handling of memory during opening, aka "Excel MergeCells Record Heap Overflow Vulnerability." | |||||
| CVE-2010-0824 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | 9.3 HIGH | N/A |
| Unspecified vulnerability in Microsoft Office Excel 2002 SP3 and Office 2004 for Mac allows remote attackers to execute arbitrary code via an Excel file with a malformed WOPT (0x80B) record, aka "Excel Record Memory Corruption Vulnerability," a different vulnerability than CVE-2010-0821 and CVE-2010-1245. | |||||
| CVE-2011-1988 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly parse records in Excel spreadsheets, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Heap Corruption Vulnerability." | |||||
| CVE-2010-3237 | 1 Microsoft | 2 Excel, Office | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 and Office 2004 for Mac do not properly validate record information, which allows remote attackers to execute arbitrary code via a crafted Excel document, aka "Merge Cell Record Pointer Vulnerability." | |||||
| CVE-2011-1274 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds Array Access Vulnerability." | |||||
| CVE-2010-0257 | 1 Microsoft | 6 Excel, Office, Office Compatibility Pack and 3 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Office Excel 2002 SP3 does not properly parse the Excel file format, which allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Microsoft Office Excel Record Memory Corruption Vulnerability." | |||||
| CVE-2010-1253 | 1 Microsoft | 4 Excel, Office, Office Compatibility Pack and 1 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Office Excel 2002 SP3, 2007 SP1, and SP2; Office 2004 for mac; Office 2008 for Mac; Open XML File Format Converter for Mac; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; allows remote attackers to execute arbitrary code via an Excel file with crafted DBQueryExt records that allow a function call to a "user-controlled pointer," aka "Excel ADO Object Vulnerability." | |||||
| CVE-2011-0977 | 1 Microsoft | 1 Excel | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via malformed shape data in the Office drawing file format, aka "Microsoft Office Graphic Object Dereferencing Vulnerability." | |||||
| CVE-2011-1987 | 1 Microsoft | 5 Excel, Excel Viewer, Office and 2 more | 2025-04-11 | 9.3 HIGH | N/A |
| Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Out of Bounds Array Indexing Vulnerability." | |||||
| CVE-2011-1279 | 1 Microsoft | 3 Excel, Office, Open Xml File Format Converter | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac do not properly validate record information during parsing of Excel spreadsheets, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted spreadsheet, aka "Excel Out of Bounds WriteAV Vulnerability." | |||||
| CVE-2011-1986 | 1 Microsoft | 1 Excel | 2025-04-11 | 9.3 HIGH | N/A |
| Use-after-free vulnerability in Microsoft Excel 2003 SP3 allows remote attackers to execute arbitrary code via a crafted spreadsheet, aka "Excel Use after Free WriteAV Vulnerability." | |||||
| CVE-2013-1315 | 1 Microsoft | 9 Excel, Excel Viewer, Office and 6 more | 2025-04-11 | 9.3 HIGH | N/A |
| Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | |||||