Vulnerabilities (CVE)

Vendor filter

Product filter

Wordpress Subscribe

Filter

69 total CVE
CVE Vendors Products Updated CVSS
CVE-2009-3258 2 Vtiger, A 2 Vtiger, Vtiger Crm 2018-10-30 9.0
vtiger CRM before 5.1.0 allows remote authenticated users, with certain View privileges, to delete (1) attachments, (2) reports, (3) filters, (4) views, and (5) tickets; insert (6) attachments, (7) reports, (8) filters, (9) views, and (10)...
CVE-2011-4680 2 Vtiger, A 2 Vtiger, Vtiger Crm 2018-10-30 4.3
Multiple cross-site scripting (XSS) vulnerabilities in the customer portal in vtiger CRM before 5.2.0 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.
CVE-2013-5091 2 Vtiger, A 2 Vtiger, Vtiger Crm 2018-10-30 6.5
SQL injection vulnerability in CalendarCommon.php in vTiger CRM 5.4.0 and possibly earlier allows remote authenticated users to execute arbitrary SQL commands via the onlyforuser parameter in an index action to index.php. NOTE: this issue might...
CVE-2006-3650 2 Microsoft, A 2 Microsoft, Office 2018-10-30 9.3
Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac do not properly parse the length of a chart record, which allows remote user-assisted attackers to execute arbitrary code via a Word document with an embedded malformed chart record...
CVE-2006-3876 2 Microsoft, A 2 Microsoft, Office 2018-10-30 9.3
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via a crafted Data record in a PPT file, a different...
CVE-2006-2387 2 Microsoft, A 2 Microsoft, Office 2018-10-30 5.1
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, Excel Viewer 2003, and Microsoft Works Suite 2004 through 2006 allows user-assisted attackers to execute arbitrary code via a crafted DATETIME record in an...
CVE-2006-4534 2 Microsoft, A 2 Microsoft, Office 2018-10-30 9.3
Unspecified vulnerability in Microsoft Word 2000, 2002, and Office 2003 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors involving a crafted file resulting in a malformed stack, as exploited by malware with...
CVE-2010-1799 2 Apple, A 2 Quicktime, Apple 2018-10-30 9.3
Stack-based buffer overflow in the error-logging functionality in Apple QuickTime before 7.6.7 on Windows allows remote attackers to execute arbitrary code or cause a denial of service (application crash) via a crafted movie file.
CVE-2005-2127 3 Microsoft, Ati, A 7 Visual Studio .net, Catalyst Driver, Visio and 4 more 2018-10-19 7.5
Microsoft Internet Explorer 5.01, 5.5, and 6 allows remote attackers to cause a denial of service (application crash) and possibly execute arbitrary code via a web page with embedded CLSIDs that reference certain COM objects that are not intended...
CVE-2006-3647 2 Microsoft, A 2 Microsoft, Office 2018-10-18 9.3
Integer overflow in Microsoft Word 2000, 2002, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string in a Word document, which overflows a 16-bit integer length value, aka...
CVE-2006-3449 2 Microsoft, A 2 Microsoft, Powerpoint 2018-10-18 7.5
Unspecified vulnerability in Microsoft PowerPoint 2000 through 2003, possibly a buffer overflow, allows user-assisted remote attackers to execute arbitrary commands via a malformed record in the BIFF file format used in a PPT file, a different...
CVE-2006-3434 2 Microsoft, A 2 Microsoft, Office 2018-10-18 9.3
Unspecified vulnerability in Microsoft Office 2000, XP, 2003, 2004 for Mac, and v.X for Mac allows remote user-assisted attackers to execute arbitrary code via a crafted string that triggers memory corruption.
CVE-2006-1540 2 Microsoft, A 2 Microsoft, Office 2018-10-18 9.3
MSO.DLL in Microsoft Office 2000, Office XP (2002), and Office 2003 allows user-assisted attackers to cause a denial of service and execute arbitrary code via multiple attack vectors, as originally demonstrated using a crafted document record...
CVE-2006-5574 2 Microsoft, A 6 Project Multilingual User Interface Pack, Microsoft, Visio and 3 more 2018-10-17 9.3
Unspecified vulnerability in the Brazilian Portuguese Grammar Checker in Microsoft Office 2003 and the Multilingual Interface for Office 2003, Project 2003, and Visio 2003 allows user-assisted remote attackers to execute arbitrary code via...
CVE-2003-0821 2 Microsoft, A 3 Word, Microsoft, Works 2018-10-12 7.5
Microsoft Excel 97, 2000, and 2002 allows remote attackers to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
CVE-2003-0820 2 Microsoft, A 3 Word, Microsoft, Works 2018-10-12 7.5
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote attackers to execute arbitrary code via a buffer overflow attack.
CVE-2003-0664 2 Microsoft, A 3 Word, Microsoft, Works 2018-10-12 7.5
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows attackers to bypass the macro security model and automatically execute arbitrary macros via a malicious document.
CVE-2002-1143 2 Microsoft, A 3 Word, Excel, Microsoft 2018-10-12 5.0
Microsoft Word and Excel allow remote attackers to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE,...
CVE-2001-0240 2 Microsoft, A 2 Word, Microsoft 2018-10-12 4.6
Microsoft Word before Word 2002 allows attackers to automatically execute macros without warning the user via a Rich Text Format (RTF) document that links to a template with the embedded macro.
CVE-2000-0088 2 Microsoft, A 5 Office Converter Pack, Microsoft, Office and 2 more 2018-10-12 7.2
Buffer overflow in the conversion utilities for Japanese, Korean and Chinese Word 5 documents allows an attacker to execute commands, aka the "Malformed Conversion Data" vulnerability.