Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft word 97 vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2011-1982
Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote malicious users to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerabil...
Microsoft Office 2007
Microsoft Office 2010
9.3
CVSSv2
CVE-2010-2563
The Word 97 text converter in the WordPad Text Converters in Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 does not properly parse malformed structures in Word 97 documents, which allows remote malicious users to execute arbitrary code via a crafted document containing an ...
Microsoft Windows Xp -
Microsoft Windows Server 2003
Microsoft Windows Xp
9.3
CVSSv2
CVE-2009-0235
Stack-based buffer overflow in the Word 97 text converter in WordPad in Microsoft Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2 allows remote malicious users to execute arbitrary code via a crafted Word 97 file that triggers memory corruption, related to use of in...
Microsoft Windows Xp
Microsoft Windows 2000
Microsoft Windows 2003 Server
9.3
CVSSv2
CVE-2009-0259
The Word processor in OpenOffice.org 1.1.2 up to and including 1.1.5 allows remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in ...
Openoffice Openoffice.org 1.1.5
Openoffice Openoffice.org 1.1.4
Openoffice Openoffice.org 1.1.3
Openoffice Openoffice.org 1.1.2
1 EDB exploit
9.3
CVSSv2
CVE-2008-4841
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote malicious users to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the ...
Microsoft Wordpad Unknown
Microsoft Wordpad
1 EDB exploit
4.6
CVSSv2
CVE-1999-1431
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
Microsoft Zero Administration Kit 1.0
1 EDB exploit
7.5
CVSSv2
CVE-2003-0820
Microsoft Word 97, 98(J), 2000, and 2002, and Microsoft Works Suites 2001 through 2004, do not properly check the length of the "Macro names" data value, which could allow remote malicious users to execute arbitrary code via a buffer overflow attack.
Microsoft Word 98
Microsoft Word 2000
Microsoft Works 2001
Microsoft Works 2002
Microsoft Word 97
Microsoft Word 2002
Microsoft Works 2003
Microsoft Works 2004
7.5
CVSSv2
CVE-2003-0821
Microsoft Excel 97, 2000, and 2002 allows remote malicious users to execute arbitrary code via a spreadsheet with a malicious XLM (Excel 4) macro that bypasses the macro security model.
Microsoft Word 97
Microsoft Word 98
Microsoft Word 2000
Microsoft Works 2004
Microsoft Word 2002
Microsoft Works 2001
Microsoft Works 2002
Microsoft Works 2003
7.5
CVSSv2
CVE-2003-0664
Microsoft Word 2002, 2000, 97, and 98(J) does not properly check certain properties of a document, which allows malicious users to bypass the macro security model and automatically execute arbitrary macros via a malicious document.
Microsoft Word 98
Microsoft Word 2000
Microsoft Word 2002
Microsoft Works 2001
Microsoft Works 2002
Microsoft Works 2003
Microsoft Word 97
5
CVSSv2
CVE-2002-1143
Microsoft Word and Excel allow remote malicious users to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fiel...
Microsoft Excel 2002
Microsoft Word 2000
Microsoft Word
Microsoft Word 97
Microsoft Word 98
Microsoft Word 2002
Microsoft Word 2001
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »