Microsoft Office Word vulnerabilities
14 known vulnerabilities affecting microsoft/office_word.
Total CVEs
14
CISA KEV
0
Public exploits
1
Exploited in wild
1
Severity breakdown
CRITICAL14
Vulnerabilities
Page 1 of 1
CVE-2009-2506CRITICALCVSS 9.3v2002v20032009-12-09
CVE-2009-2506 [CRITICAL] CWE-189 CVE-2009-2506: Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; O
Integer overflow in the text converters in Microsoft Office Word 2002 SP3 and 2003 SP3; Works 8.5; Office Converter Pack; and WordPad in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP2 allows remote attackers to execute arbitrary code via a DOC file with an invalid number of property names in the DocumentSummaryInformation stream, which trigge
nvd
CVE-2009-3135CRITICALCVSS 9.3v2002v20032009-11-11
CVE-2009-3135 [CRITICAL] CWE-119 CVE-2009-3135: Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for
Stack-based buffer overflow in Microsoft Office Word 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, Office Word Viewer 2003 SP3, and Office Word Viewer allow remote attackers to execute arbitrary code via a Word document with a malformed File Information Block (FIB) structure, aka "Microsoft Office Word
nvd
CVE-2009-0565CRITICALCVSS 9.3PoCv2000v2002+2 more2009-06-10
CVE-2009-0565 [CRITICAL] CWE-119 CVE-2009-0565: Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office
Buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, and 2007 SP1 and SP2; Microsoft Office for Mac 2004 and 2008; Open XML File Format Converter for Mac; and Microsoft Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2 allows remote attackers to execute arbitrary code via a Word document with a malformed
nvd
CVE-2009-0087CRITICALCVSS 9.3v2000v20022009-04-15
CVE-2009-0087 [CRITICAL] CVE-2009-0087: Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP
Unspecified vulnerability in the Word 6 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and the Word 6 text converter in Microsoft Office Word 2000 SP3 and 2002 SP3; allows remote attackers to execute arbitrary code via a crafted Word 6 file that contains malformed data, aka "WordPad and Office Text Conve
nvd
CVE-2009-0088CRITICALCVSS 9.3v2000v20022009-04-15
CVE-2009-0088 [CRITICAL] CWE-20 CVE-2009-0088: The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Micro
The WordPerfect 6.x Converter (WPFT632.CNV, 1998.1.27.0) in Microsoft Office Word 2000 SP3 and Microsoft Office Converter Pack does not properly validate the length of an unspecified string, which allows remote attackers to execute arbitrary code via a crafted WordPerfect 6.x file, related to an unspecified counter and control structures on the stack
nvd
CVE-2008-4025CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4025 [CRITICAL] CWE-119 CVE-2008-4025: Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlo
Integer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute a
nvd
CVE-2008-4027CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4027 [CRITICAL] CWE-399 CVE-2008-4027: Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and S
Double free vulnerability in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Office 2004 for Mac allow remote attackers to execute arbitrary code via a crafted (1) RTF file
nvd
CVE-2008-4028CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4028 [CRITICAL] CWE-119 CVE-2008-4028: Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via cr
nvd
CVE-2008-4837CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4837 [CRITICAL] CWE-119 CVE-2008-4837: Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and
Stack-based buffer overflow in Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; and Microsoft Works 8 allow remote attackers to execute arbitrary code via a crafted Word document that contains a malformed
nvd
CVE-2008-4026CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4026 [CRITICAL] CWE-399 CVE-2008-4026: Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Word document that
nvd
CVE-2008-4030CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4030 [CRITICAL] CVE-2008-4030: Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1 allow remote attackers to execute arbitrary code via crafted control words in (1) an RTF file or (2) a rich text e-mail message, whic
nvd
CVE-2008-4024CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4024 [CRITICAL] CWE-94 CVE-2008-4024: Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execut
Microsoft Office Word 2000 SP3 and 2002 SP3 and Office 2004 for Mac allow remote attackers to execute arbitrary code via a Word document with a crafted lcbPlcfBkfSdt field in the File Information Block (FIB), which bypasses an initialization step and triggers an "arbitrary free," aka "Word Memory Corruption Vulnerability."
nvd
CVE-2008-4031CRITICALCVSS 9.3v2000v2002+2 more2008-12-10
CVE-2008-4031 [CRITICAL] CWE-399 CVE-2008-4031: Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1
Microsoft Office Word 2000 SP3, 2002 SP3, 2003 SP3, and 2007 Gold and SP1; Outlook 2007 Gold and SP1; Word Viewer 2003 Gold and SP3; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats Gold and SP1; Office 2004 and 2008 for Mac; and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a
nvd
CVE-2008-2244CRITICALCVSS 9.3Exploitedv20022008-07-09
CVE-2008-2244 [CRITICAL] CWE-399 CVE-2008-2244: Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file tha
Microsoft Office Word 2002 SP3 allows remote attackers to execute arbitrary code via a .doc file that contains malformed data, as exploited in the wild in July 2008, and as demonstrated by attachement.doc.
nvd