Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
microsoft office 97 vulnerabilities and exploits
(subscribe to this query)
NA
CVE_2022_21882
OSEP-Notes Initial Access HTA Fileless Initial Access Reverse Shell (AppLocker + CLM + Defender Bypass) Scenario: You can make a user execute your malicious HTA files, but AppLocker, CLM, and Defender block all payloads. To get a fileless reverse shell, one method that worked for...
1 Github repository
5
CVSSv2
CVE-2019-1789
ClamAV versions before 0.101.2 are susceptible to a denial of service (DoS) vulnerability. An out-of-bounds heap read condition may occur when scanning PE files. An example is Windows EXE and DLL files that have been packed using Aspack as a result of inadequate bound-checking.
Clamav Clamav
4.3
CVSSv2
CVE-2019-1788
A vulnerability in the Object Linking & Embedding (OLE2) file scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote malicious user to cause a denial of service condition on an affected device. The vulnerab...
Clamav Clamav
Opensuse Leap 15.0
Opensuse Leap 42.3
Debian Debian Linux 8.0
4.3
CVSSv2
CVE-2019-1787
A vulnerability in the Portable Document Format (PDF) scanning functionality of Clam AntiVirus (ClamAV) Software versions 0.101.1 and prior could allow an unauthenticated, remote malicious user to cause a denial of service (DoS) condition on an affected device. The vulnerability ...
Clamav Clamav
Debian Debian Linux 8.0
Opensuse Leap 42.3
Opensuse Leap 15.0
9.3
CVSSv2
CVE-2011-1982
Microsoft Office 2007 SP2, and 2010 Gold and SP1, does not initialize an unspecified object pointer during the opening of Word documents, which allows remote malicious users to execute arbitrary code via a crafted document, aka "Office Uninitialized Object Pointer Vulnerabil...
Microsoft Office 2007
Microsoft Office 2010
9.3
CVSSv2
CVE-2008-4841
The WordPad Text Converter for Word 97 files in Microsoft Windows 2000 SP4, XP SP2, and Server 2003 SP1 and SP2 allows remote malicious users to execute arbitrary code via a crafted (1) .doc, (2) .wri, or (3) .rtf Word 97 file that triggers memory corruption, as exploited in the ...
Microsoft Wordpad Unknown
Microsoft Wordpad
1 EDB exploit
9.3
CVSSv2
CVE-2006-3059
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted malicious users to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.
Microsoft Excel 2000
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2004
Microsoft Excel Viewer 2003
1 EDB exploit
6.8
CVSSv2
CVE-2005-4131
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted malicious users to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument...
Microsoft Excel 2002
Microsoft Excel 2003
Microsoft Excel 2000
Microsoft Excel 95
Microsoft Excel 97
1 EDB exploit
4.6
CVSSv2
CVE-1999-1431
ZAK in Appstation mode allows users to bypass the "Run only allowed apps" policy by starting Explorer from Office 97 applications (such as Word), installing software into the TEMP directory, and changing the name to that for an allowed application, such as Winword.exe.
Microsoft Zero Administration Kit 1.0
1 EDB exploit
5
CVSSv2
CVE-2002-1143
Microsoft Word and Excel allow remote malicious users to steal sensitive information via certain field codes that insert the information when the document is returned to the attacker, as demonstrated in Word using (1) INCLUDETEXT or (2) INCLUDEPICTURE, aka "Flaw in Word Fiel...
Microsoft Excel 2002
Microsoft Word 2000
Microsoft Word
Microsoft Word 97
Microsoft Word 98
Microsoft Word 2002
Microsoft Word 2001
2 EDB exploits
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »