2000 * * * : Security Vulnerabilities

Cpe Name:cpe:2.3:a:microsoft:excel:2000:*:*:*:*:*:*:*

CVSS Scores Greater Than: 0 1 2 3 4 5 6 7 8 9

Sort Results By : CVE Number Descending CVE Number Ascending CVSS Score Descending Number Of Exploits Descending

#	CVE ID	CWE ID	Vulnerability Type(s)	Publish Date	Update Date	Score	Gained Access Level	Access	Complexity	Authentication	Conf.	Integ.	Avail.
1	CVE-2007-0671		Exec Code	2007-02-03	2018-10-12	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks.
2	CVE-2007-0215		Exec Code Overflow Mem. Corr.	2007-05-08	2018-10-16	7.6	None	Remote	High	Not required	Complete	Complete	Complete
Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a .XLS BIFF file with a malformed Named Graph record, which results in memory corruption.
3	CVE-2007-0031		Exec Code Overflow	2007-01-09	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a BIFF8 spreadsheet with a PALETTE record that contains a large number of entries.
4	CVE-2007-0030		Exec Code	2007-01-09	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via an Excel file with an out-of-range Column field in certain BIFF8 record types, which references arbitrary memory.
5	CVE-2007-0029		Exec Code	2007-01-09	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code via a malformed string, aka "Excel Malformed String Vulnerability."
6	CVE-2007-0028	20	Exec Code	2007-01-09	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which allows user-assisted remote attackers to execute arbitrary code via a crafted XLS file, which results in an "Improper Memory Access Vulnerability." NOTE: an early disclosure of this issue used CVE-2006-3432, but only CVE-2007-0028 should be used.
7	CVE-2007-0027		Exec Code Mem. Corr.	2007-01-09	2018-10-16	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed IMDATA records that trigger memory corruption.
8	CVE-2006-3877	94	Exec Code	2006-10-10	2018-10-17	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876.
9	CVE-2006-3875		Exec Code	2006-10-10	2018-10-17	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted COLINFO record in an XLS file, a different vulnerability than CVE-2006-2387 and CVE-2006-3867.
10	CVE-2006-3867		Exec Code	2006-10-10	2018-10-17	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted attackers to execute arbitrary code via a crafted Lotus 1-2-3 file, a different vulnerability than CVE-2006-2387 and CVE-2006-3875.
11	CVE-2006-3059		Exec Code	2006-06-17	2018-10-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via unspecified vectors. NOTE: this is a different vulnerability than CVE-2006-3086.
12	CVE-2006-2388	94	Exec Code	2006-07-13	2018-10-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead to modification of "critical data offsets" during the rebuilding process.
13	CVE-2006-1309	94	Exec Code Mem. Corr.	2006-07-13	2018-10-12	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that triggers memory corruption.
14	CVE-2006-1308	94	Exec Code	2006-07-13	2018-10-12	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted FNGROUPCOUNT value.
15	CVE-2006-1306	94	Exec Code	2006-07-13	2018-10-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with an attacker-controlled array index that is used for a function pointer, aka "Malformed OBJECT record Vulnerability."
16	CVE-2006-1304	94	Exec Code Overflow	2006-07-13	2018-10-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted COLINFO record, which triggers the overflow during a "data filling operation."
17	CVE-2006-1302	119	Exec Code Overflow Mem. Corr.	2006-07-13	2018-10-18	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain crafted fields in a SELECTION record, which triggers memory corruption, aka "Malformed SELECTION record Vulnerability."
18	CVE-2006-1301	94	Exec Code Mem. Corr.	2006-07-13	2018-10-12	9.3	None	Remote	Medium	Not required	Complete	Complete	Complete
Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record that triggers memory corruption, a different vulnerability than CVE-2006-1302.
19	CVE-2006-0030		Exec Code Mem. Corr.	2006-03-14	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed graphic, which leads to memory corruption.
20	CVE-2006-0029		Exec Code Mem. Corr.	2006-03-14	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed description, which leads to memory corruption.
21	CVE-2006-0028		Exec Code Mem. Corr.	2006-03-14	2018-10-19	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via a BIFF parsing format file containing malformed BOOLERR records that lead to memory corruption, probably involving invalid pointers.
22	CVE-2005-4131		Exec Code Mem. Corr.	2005-12-09	2018-10-19	6.8	None	Remote	Medium	Not required	Partial	Partial	Partial
Unspecified vulnerability in Microsoft Excel 2000, 2002, and 2003, in Microsoft Office 2000 SP3 and other packages, allows user-assisted attackers to execute arbitrary code via an Excel file with a malformed range, which could lead to memory corruption involving an argument to the msvcrt.memmove function, aka "Brand new Microsoft Excel Vulnerability," as originally placed for sale on eBay as item number 7203336538.
23	CVE-2004-0846		Exec Code	2004-11-03	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Unknown vulnerability in Microsoft Excel 2000, 2002, 2001 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via a malicious file containing certain parameters that are not properly validated.
24	CVE-2002-0618		Exec Code	2002-08-12	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code in the Local Computer zone by embedding HTML scripts within an Excel workbook that contains an XSL stylesheet, aka "Excel XSL Stylesheet Script Execution".
25	CVE-2002-0617		Exec Code Bypass	2002-08-12	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by creating a hyperlink on a drawing shape in a source workbook that points to a destination workbook containing an autoexecute macro, aka "Hyperlinked Excel Workbook Macro Bypass."
26	CVE-2002-0616		Exec Code	2002-08-12	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
The Macro Security Model in Microsoft Excel 2000 and 2002 for Windows allows remote attackers to execute code by attaching an inline macro to an object within an Excel workbook, aka the "Excel Inline Macros Vulnerability."
27	CVE-2002-0615			2002-07-03	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
The Windows Media Active Playlist in Microsoft Windows Media Player 7.1 stores information in a well known location on the local file system, allowing attackers to execute HTML scripts in the Local Computer zone, aka "Media Playback Script Invocation".
28	CVE-2000-0765		Exec Code Overflow	2000-10-20	2018-10-12	5.1	None	Remote	High	Not required	Partial	Partial	Partial
Buffer overflow in the HTML interpreter in Microsoft Office 2000 allows an attacker to execute arbitrary commands via a long embedded object tag, aka the "Microsoft Office HTML Object Tag" vulnerability.
29	CVE-2000-0637		Exec Code	2000-07-26	2018-10-12	4.6	None	Local	Low	Not required	Partial	Partial	Partial
Microsoft Excel 97 and 2000 allows an attacker to execute arbitrary commands by specifying a malicious .dll using the Register.ID function, aka the "Excel REGISTER.ID Function" vulnerability.
30	CVE-2000-0597			2000-06-27	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
Microsoft Office 2000 (Excel and PowerPoint) and PowerPoint 97 are marked as safe for scripting, which allows remote attackers to force Internet Explorer or some email clients to save files to arbitrary locations via the Visual Basic for Applications (VBA) SaveAs function, aka the "Office HTML Script" vulnerability.
31	CVE-2000-0419			2000-05-11	2018-10-12	7.5	None	Remote	Low	Not required	Partial	Partial	Partial
The Office 2000 UA ActiveX Control is marked as "safe for scripting," which allows remote attackers to conduct unauthorized activities via the "Show Me" function in Office Help, aka the "Office 2000 UA Control" vulnerability.
32	CVE-2000-0277	254		2000-04-03	2018-10-12	7.2	None	Local	Low	Not required	Complete	Complete	Complete
Microsoft Excel 97 and 2000 does not warn the user when executing Excel Macro Language (XLM) macros in external text files, which could allow an attacker to execute a macro virus, aka the "XLM Text Macro" vulnerability.

Total number of vulnerabilities : 32 Page : 1 (This Page)