CVE Daily
← All tags

Tag: Microsoft Office

All CVEs associated with "Microsoft Office". Page 16/16 • 1815 CVEs.

Subscribe CVEs: RSS for “Microsoft Office”  ·  RSS (High+Critical only)

About “Microsoft Office”

A curated feed of “Microsoft Office”-related CVEs appears below. We currently track 1815 CVEs for this tag (all time). In the last 365 days, 254 were published. Average CVSS is 7.5 (all time; 7.5 over 365d), and 68% are rated High/Critical (all time). Top CWEs (last 365 days): CWE-416 - Use After Free, CWE-122 - Heap-based Buffer Overflow, CWE-79 - Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting').

In our taxonomy this topic maps to a LOW impact class. Vendor advisories and release notes are key. Verify compatibility matrices, prefer supported long term versions, and stage rollouts with monitoring. Use the filters below to sort by CVSS, risk and CWE. Each detail page highlights vendor advisories and mitigation tips.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2001-08-07
Medium

CVE-2001-1259

Avaya Argent Office allows remote attackers to cause a denial of service by sending UDP packets to port 53 with no payload.

CVSS: 5.0 CWE: N/A View on NVD
Critical

CVE-2001-1260

Avaya Argent Office uses weak encryption (trivial encoding) for passwords, which allows remote attackers to gain administrator privileges by sniffing and decrypting the sniffing the passwords during…

CVSS: 10.0 CWE: N/A View on NVD
Medium

CVE-2001-1261

Avaya Argent Office 2.1 may allow remote attackers to change hold music by spoofing a legitimate server's response to a TFTP broadcast and providing an alternate HoldMusic file.

CVSS: 5.0 CWE: N/A View on NVD
High

CVE-2001-1262

Avaya Argent Office 2.1 compares a user-provided SNMP community string with the correct string only up to the length of the user-provided string, which allows remote attackers to bypass authenticatio…

CVSS: 7.5 CWE: N/A View on NVD
2001-07-16
High

CVE-2001-1316

Buffer overflows in Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, as demonstrated by the PROTOS LDAPv3 test su…

CVSS: 7.5 CWE: N/A View on NVD
High

CVE-2001-1317

Teamware Office Enterprise Directory allows remote attackers to cause a denial of service (crash) and possibly execute arbitrary code, via invalid encodings for certain BER object types, as demonstra…

CVSS: 7.5 CWE: N/A View on NVD
2001-02-12
Medium

CVE-2001-0003

Web Extender Client (WEC) in Microsoft Office 2000, Windows 2000, and Windows Me does not properly process Internet Explorer security settings for NTLM authentication, which allows attackers to obtai…

CVSS: 5.0 CWE: N/A View on NVD
2000-12-19
High

CVE-2000-0955

Cisco Virtual Central Office 4000 (VCO/4K) uses weak encryption to store usernames and passwords in the SNMP MIB, which allows an attacker who knows the community name to crack the password and gain…

CVSS: 7.5 CWE: N/A View on NVD
2000-11-14
Critical

CVE-2000-0854

When a Microsoft Office 2000 document is launched, the directory of that document is first used to locate DLL's such as riched20.dll and msi.dll, which could allow an attacker to execute arbitrary co…

CVSS: 10.0 CWE: N/A View on NVD
2000-10-20
Medium

CVE-2000-0765

Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerabil…

CVSS: 5.1 CWE: N/A View on NVD
2000-06-27
High

CVE-2000-0597

Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitr…

CVSS: 7.5 CWE: N/A View on NVD
2000-05-11
High

CVE-2000-0419

The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000…

CVSS: 7.5 CWE: N/A View on NVD
2000-04-16
Medium

CVE-2000-0291

Buffer overflow in Star Office 5.1 allows attackers to cause a denial of service by embedding a long URL within a document.

CVSS: 4.6 CWE: N/A View on NVD
1999-12-31
Low

CVE-1999-1259

Microsoft Office 98, Macintosh Edition, does not properly initialize the disk space used by Office 98 files and effectively inserts data from previously deleted files into the Office file, which coul…

CVSS: 2.1 CWE: N/A View on NVD
Low

CVE-1999-1294

Office Shortcut Bar (OSB) in Windows 3.51 enables backup and restore permissions, which are inherited by programs such as File Manager that are started from the Shortcut Bar, which could allow local…

CVSS: 2.1 CWE: N/A View on NVD