CVSS: 9.3EPSS: 43%CPEs: 12EXPL: 0CVE-2006-1304
https://notcve.org/view.php?id=CVE-2006-1304
13 Jul 2006 — Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation." Desbordamiento de búfer en Microsoft Excel 2000 hasta 2003 permite a atacantes con la intervención del usuario ejecutar código de su elección mediante un fichero .xls con un registro COLINFO artesanal, lo que dispara el desbordamiento durante una "operación de relleno de datos" • http://securitytracker.com/id?1016472 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 42%CPEs: 13EXPL: 0CVE-2006-1306
https://notcve.org/view.php?id=CVE-2006-1306
13 Jul 2006 — Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability." Microsoft Excel 2000 a 2004 permite a atacantes con implicación del usuario ejecutar código de su elección mediante un fichero .xls con un registro BIFF artesanal con un índice de array controlado por el atacante que es usado para un puntero a función, tcc... • http://securitytracker.com/id?1016472 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.8EPSS: 40%CPEs: 13EXPL: 0CVE-2006-2388 – Microsoft Office Excel File Rebuilding Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2006-2388
11 Jul 2006 — Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process. Microsoft Office Excel 2000 hasta la versión 2004 permite a atacantes asistidos por el usuario ejecutar código arbitrario a través de comentarios de celdas mal formadas, lo que conduce a modificación de "desplazamiento de datos críticos" durante el proceso de reconstrucción. This vulnerability allow... • http://securitytracker.com/id?1016472 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 75%CPEs: 12EXPL: 1CVE-2006-3059 – Microsoft Excel - Code Execution
https://notcve.org/view.php?id=CVE-2006-3059
17 Jun 2006 — Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086. Vulnerabilidad no especificada en Microsoft Excel v2000 hasta la v2004 que permite a usuarios atacantes ejecutar código de su elección a través de vectores desconocidos. NOTA: esta es una vulnerabilidad diferente de CVE-2006-3086. • https://www.exploit-db.com/exploits/1944 •
CVSS: 7.8EPSS: 40%CPEs: 11EXPL: 0CVE-2006-0029
https://notcve.org/view.php?id=CVE-2006-0029
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption. • http://secunia.com/advisories/19138 •
CVSS: 7.8EPSS: 59%CPEs: 11EXPL: 1CVE-2006-0030 – Microsoft Excel 95 < 2004 - Malformed Graphic File Code Execution
https://notcve.org/view.php?id=CVE-2006-0030
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption. • https://www.exploit-db.com/exploits/27055 •
CVSS: 7.8EPSS: 51%CPEs: 11EXPL: 0CVE-2006-0028 – Microsoft Excel File Format Parsing Vulnerability
https://notcve.org/view.php?id=CVE-2006-0028
14 Mar 2006 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office. Exploitation requires that the attacker coerce the target into opening a malicious .... • http://secunia.com/advisories/19138 •
CVSS: 7.8EPSS: 69%CPEs: 14EXPL: 1CVE-2005-4131 – Microsoft Excel 95/97/2000/2002/2003/2004 - Malformed Range Memory Corruption
https://notcve.org/view.php?id=CVE-2005-4131
09 Dec 2005 — Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538. • https://www.exploit-db.com/exploits/26769 •
CVSS: 8.8EPSS: 49%CPEs: 7EXPL: 0CVE-2004-0846
https://notcve.org/view.php?id=CVE-2004-0846
16 Oct 2004 — Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated. Vulnerabilidad desconocida en Microsoft Excel 2000, 2002, 2001 para Mac y v.X para Mac permite a atacantes remotos ejecutar código de su elección mediante un fichero malicioso conteniendo ciertos parámetros que no son validados adecuadamente. • http://marc.info/?l=bugtraq&m=109779810827096&w=2 •
CVSS: 6.5EPSS: 32%CPEs: 18EXPL: 3CVE-2002-1143 – Microsoft Word 95/97/98/2000/2002 - 'INCLUDEPICTURE' Document Sharing File Disclosure
https://notcve.org/view.php?id=CVE-2002-1143
03 Apr 2003 — Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fields and Excel External Updates Could Lead to Information Disclosure." Microsoft Word y Excel permite a atacantes remotos robar información sensible mediante ciertos códigos de campo que insertan la información cuando el documento es devuelto al... • https://www.exploit-db.com/exploits/21812 •