Filtered by vendor Microsoft
Subscriptions
Filtered by product Word
Subscriptions
Total
244 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2014-0260 | 1 Microsoft | 6 Office Compatibility Pack, Office Web Apps, Office Web Apps Server and 3 more | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office Compatibility Pack SP3; Word Viewer; SharePoint Server 2010 SP1 and SP2 and 2013; Office Web Apps 2010 SP1 and SP2; and Office Web Apps Server 2013 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2013-3850 | 1 Microsoft | 3 Office Compatibility Pack, Word, Word Viewer | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2013-3852 | 1 Microsoft | 3 Office Compatibility Pack, Word, Word Viewer | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2013-3854 | 1 Microsoft | 2 Office, Word | 2025-04-11 | N/A |
| Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3853. | ||||
| CVE-2013-3856 | 1 Microsoft | 2 Word, Word Viewer | 2025-04-11 | N/A |
| Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2012-0765 | 2 Adobe, Microsoft | 3 Robohelp, Windows, Word | 2025-04-11 | N/A |
| Multiple cross-site scripting (XSS) vulnerabilities in Adobe RoboHelp 8 and 9 for Word allow remote attackers to inject arbitrary web script or HTML via a crafted URL, related to certain .htm files in (1) template_stock and (2) template_csh directories. | ||||
| CVE-2008-2752 | 1 Microsoft | 1 Word | 2025-04-09 | N/A |
| Microsoft Word 2000 9.0.2812 and 2003 11.8106.8172 does not properly handle unordered lists, which allows user-assisted remote attackers to cause a denial of service (memory corruption and application crash) or possibly execute arbitrary code via a crafted .doc file. NOTE: some of these details are obtained from third party information. | ||||
| CVE-2007-3899 | 1 Microsoft | 2 Office, Word | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000 SP3, Word 2002 SP3, and Office 2004 for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string in a Word file, aka "Word Memory Corruption Vulnerability." | ||||
| CVE-2008-1092 | 1 Microsoft | 4 Windows 2000, Windows 2003 Server, Windows Xp and 1 more | 2025-04-09 | N/A |
| Buffer overflow in msjet40.dll before 4.0.9505.0 in Microsoft Jet Database Engine allows remote attackers to execute arbitrary code via a crafted Word file, as exploited in the wild in March 2008. NOTE: as of 20080513, Microsoft has stated that this is the same issue as CVE-2007-6026. | ||||
| CVE-2006-3651 | 1 Microsoft | 2 Office, Word | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via a crafted mail merge file, a different vulnerability than CVE-2006-3647 and CVE-2006-4693. | ||||
| CVE-2006-4693 | 1 Microsoft | 2 Office, Word | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2004 for Mac and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word file, a different issue than CVE-2006-3647 and CVE-2006-3651. | ||||
| CVE-2007-1910 | 1 Microsoft | 1 Word | 2025-04-09 | N/A |
| Buffer overflow in wwlib.dll in Microsoft Word 2007 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a crafted document, as demonstrated by file789-1.doc. | ||||
| CVE-2007-1202 | 1 Microsoft | 3 Word, Word Viewer, Works | 2025-04-09 | N/A |
| Word (or Word Viewer) in Microsoft Office 2000 SP3, XP SP3, 2003 SP2, 2004 for Mac, and Works Suite 2004, 2005, and 2006 does not properly parse certain rich text "property strings of certain control words," which allows user-assisted remote attackers to trigger heap corruption and execute arbitrary code, aka the "Word RTF Parsing Vulnerability." | ||||
| CVE-2007-0515 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word allows user-assisted remote attackers to execute arbitrary code on Word 2000, and cause a denial of service on Word 2003, via unknown attack vectors that trigger memory corruption, as exploited by Trojan.Mdropper.W and later by Trojan.Mdropper.X, a different issue than CVE-2006-6456, CVE-2006-5994, and CVE-2006-6561. | ||||
| CVE-2006-6456 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and 2003 and Word Viewer 2003 allows remote attackers to execute code via unspecified vectors related to malformed data structures that trigger memory corruption, a different vulnerability than CVE-2006-5994. | ||||
| CVE-2007-0870 | 1 Microsoft | 1 Word | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000 allows remote attackers to cause a denial of service (crash) via unknown vectors, a different vulnerability than CVE-2006-5994, CVE-2006-6456, CVE-2006-6561, and CVE-2007-0515, a variant of Exploit-MS06-027. | ||||
| CVE-2007-0208 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | N/A |
| Microsoft Word in Office 2000 SP3, XP SP3, Office 2003 SP2, Works Suite 2004 to 2006, and Office 2004 for Mac does not correctly check the properties of certain documents and warn the user of macro content, which allows user-assisted remote attackers to execute arbitrary code. | ||||
| CVE-2007-1911 | 1 Microsoft | 1 Word | 2025-04-09 | N/A |
| Multiple unspecified vulnerabilities in Microsoft Word 2007 allow remote attackers to cause a denial of service (CPU consumption) via crafted documents, as demonstrated by (1) file798-1.doc and (2) file613-1.doc, possibly related to a buffer overflow. | ||||
| CVE-2006-5994 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000 and 2002, Office Word and Word Viewer 2003, Word 2004 and 2004 v. X for Mac, and Works 2004, 2005, and 2006 allows remote attackers to execute arbitrary code via a Word document with a malformed string that triggers memory corruption, a different vulnerability than CVE-2006-6456. | ||||
| CVE-2006-6561 | 1 Microsoft | 4 Office, Word, Word Viewer and 1 more | 2025-04-09 | N/A |
| Unspecified vulnerability in Microsoft Word 2000, 2002, and Word Viewer 2003 allows user-assisted remote attackers to execute arbitrary code via a crafted DOC file that triggers memory corruption, as demonstrated via the 12122006-djtest.doc file, a different issue than CVE-2006-5994 and CVE-2006-6456. | ||||