Microsoft Excel Viewer — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Excel Viewer, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (125)
CVE-2008-0081 — CVSS 9.8 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office 2004 for Mac allows user-assisted remote…
CVE-2006-1302 — CVSS 9.3 (critical): Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with certain…
CVE-2006-1304 — CVSS 9.3 (critical): Buffer overflow in Microsoft Excel 2000 through 2003 allows user-assisted attackers to execute arbitrary code via a .xls file with a…
CVE-2006-1306 — CVSS 9.3 (critical): Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted BIFF record with…
CVE-2006-1308 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file…
CVE-2006-1309 — CVSS 9.3 (critical): Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted LABEL record that…
CVE-2006-2388 — CVSS 9.3 (critical): Microsoft Office Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via malformed cell comments, which lead…
CVE-2006-3059 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 through 2004 allows remote user-assisted attackers to execute arbitrary code via…
CVE-2008-4019 — CVSS 9.3 (critical): Integer overflow in the REPT function in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer…
CVE-2008-3471 — CVSS 9.3 (critical): Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2 and SP3, and 2007 Gold and SP1; Office Excel Viewer 2003 SP3…
CVE-2006-1301 — CVSS 9.3 (critical): Microsoft Excel 2000 through 2004 allows user-assisted attackers to execute arbitrary code via a .xls file with a crafted SELECTION record…
CVE-2008-4266 — CVSS 9.3 (critical): Array index vulnerability in Microsoft Office Excel 2000 SP3, 2002 SP3, and 2003 SP3; Excel Viewer 2003 Gold and SP3; Office 2004 and 2008…
CVE-2009-2500 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-2501 — CVSS 9.3 (critical): Heap-based buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007…
CVE-2009-2503 — CVSS 9.3 (critical): GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Windows Server 2003 SP2, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-2504 — CVSS 9.3 (critical): Multiple integer overflows in unspecified APIs in GDI+ in Microsoft .NET Framework 1.1 SP1, .NET Framework 2.0 SP1 and SP2, Windows XP SP2…
CVE-2009-2528 — CVSS 9.3 (critical): GDI+ in Microsoft Office XP SP3 does not properly handle malformed objects in Office Art Property Tables, which allows remote attackers to…
CVE-2009-3126 — CVSS 9.3 (critical): Integer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft…
CVE-2009-3127 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3 and 2003 SP3, Office 2004 and 2008 for Mac, Open XML File Format Converter for Mac, and Office Excel Viewer…
CVE-2009-3128 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3 and 2003 SP3, and Office Excel Viewer 2003 SP3, does not properly parse the Excel file format, which allows…
CVE-2009-3130 — CVSS 9.3 (critical): Heap-based buffer overflow in Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac…
CVE-2009-3131 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac…
CVE-2009-3132 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac…
CVE-2009-3133 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3, Office 2004 and 2008 for Mac, and Open XML File Format Converter for Mac allow remote attackers to execute…
CVE-2009-3134 — CVSS 9.3 (critical): Microsoft Office Excel 2002 SP3, 2003 SP3, and 2007 SP1 and SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac…
CVE-2010-3232 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3 and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2; and Office…
CVE-2010-3240 — CVSS 9.3 (critical): Microsoft Excel 2002 SP3 and 2007 SP2; Excel Viewer SP2; and Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats…
CVE-2011-0097 — CVSS 9.3 (critical): Integer underflow in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format Converter…
CVE-2011-0098 — CVSS 9.3 (critical): Integer signedness error in Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004 and 2008 for Mac; Open XML File Format…
CVE-2011-0978 — CVSS 9.3 (critical): Stack-based buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 for Mac; Excel Viewer SP2; and Office…
CVE-2011-0979 — CVSS 9.3 (critical): Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; and…
CVE-2011-1272 — CVSS 9.3 (critical): Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2…
CVE-2011-1273 — CVSS 9.3 (critical): Microsoft Excel 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Excel…
CVE-2011-1274 — CVSS 9.3 (critical): Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac; Excel Viewer SP2…
CVE-2011-1276 — CVSS 9.3 (critical): Buffer overflow in Microsoft Excel 2002 SP3, 2003 SP3, and 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac…
CVE-2011-1987 — CVSS 9.3 (critical): Array index error in Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold…
CVE-2011-1988 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Office 2004 and 2008 for Mac; Open XML File Format Converter for Mac…
CVE-2011-1989 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3 and 2007 SP2; Excel in Office 2007 SP2; Excel 2010 Gold and SP1; Excel in Office 2010 Gold and SP1; Office 2004…
CVE-2011-1990 — CVSS 9.3 (critical): Microsoft Excel 2007 SP2; Excel in Office 2007 SP2; Excel Viewer SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File…
CVE-2012-0141 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and…
CVE-2012-0142 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 for Mac; Excel Viewer; and Office Compatibility Pack SP2 and…
CVE-2012-0184 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility…
CVE-2012-0185 — CVSS 9.3 (critical): Heap-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 Gold and SP1, Excel Viewer, and Office Compatibility Pack SP2 and…
CVE-2012-1847 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2008 and 2011 for Mac; Excel Viewer; and Office Compatibility…
CVE-2012-1886 — CVSS 9.3 (critical): Microsoft Excel 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Excel Viewer; and Office Compatibility Pack SP2 and SP3 allow remote attackers to…
CVE-2012-2543 — CVSS 9.3 (critical): Stack-based buffer overflow in Microsoft Excel 2007 SP2 and SP3 and 2010 SP1; Office 2011 for Mac; Excel Viewer; and Office Compatibility…
CVE-2013-1315 — CVSS 9.3 (critical): Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013…
CVE-2013-3889 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011…
CVE-2013-3890 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted…
CVE-2015-0063 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, and RT; Excel Viewer; and Office…
CVE-2015-0085 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010…
CVE-2015-2376 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Office for Mac 2011, Excel Viewer 2007 SP3, Office…
CVE-2015-2520 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3, and Excel Viewer allow remote…
CVE-2015-2521 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code…
CVE-2015-2523 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel for Mac 2011 and 2016, Office Compatibility Pack SP3…
CVE-2015-2558 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac…
CVE-2015-6038 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2015-6040 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow…
CVE-2015-6122 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to…
CVE-2015-6177 — CVSS 9.3 (critical): Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted…
CVE-2006-3877 — CVSS 9.3 (critical): Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac…
CVE-2007-0027 — CVSS 9.3 (critical): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows remote attackers to execute arbitrary code via malformed…
CVE-2007-0028 — CVSS 9.3 (critical): Microsoft Excel 2000, 2002, 2003, Viewer 2003, Office 2004 for Mac, and Office v.X for Mac does not properly handle certain opcodes, which…
CVE-2007-0029 — CVSS 9.3 (critical): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code…
CVE-2007-0030 — CVSS 9.3 (critical): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote attackers to execute arbitrary code…
CVE-2007-0031 — CVSS 9.3 (critical): Heap-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2004 for Mac, and v.X for Mac allows user-assisted remote…
CVE-2007-1203 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, 2004 for Mac, and 2007 allows user-assisted remote…
CVE-2007-1756 — CVSS 9.3 (critical): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and Office Excel 2007 does not properly validate version information, which…
CVE-2008-0111 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office 2004 for Mac allows…
CVE-2008-0113 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Office Excel Viewer 2003 up to SP3 allows user-assisted remote attackers to execute arbitrary code…
CVE-2008-0114 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, and Office for Mac 2004 allows user-assisted remote…
CVE-2008-0115 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3 through 2007, Viewer 2003, Compatibility Pack, and Office for Mac 2004 allows…
CVE-2008-0116 — CVSS 9.3 (critical): Microsoft Excel 2000 SP3 through 2003 SP2, Viewer 2003, Compatibility Pack, and Office 2004 and 2008 for Mac allows user-assisted remote…
CVE-2008-0117 — CVSS 9.3 (critical): Unspecified vulnerability in Microsoft Excel 2000 SP3 and 2002 SP2, and Office 2004 and 2008 for Mac, allows user-assisted remote attackers…
CVE-2018-0796 — CVSS 8.8 (high): Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code…
CVE-2009-2502 — CVSS 8.1 (high): Buffer overflow in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Office XP SP3, Office 2003 SP3, 2007 Microsoft Office…
CVE-2017-0006 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote…
CVE-2017-0052 — CVSS 7.8 (high): Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote…
CVE-2017-11878 — CVSS 7.8 (high): Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT…
CVE-2017-8501 — CVSS 7.8 (high): Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office…
CVE-2018-1029 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2018-8375 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2018-8432 — CVSS 7.8 (high): A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft…
CVE-2018-8577 — CVSS 7.8 (high): A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka…
CVE-2016-0035 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2016-0054 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2016-0122 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Word 2016 for Mac, Office Compatibility Pack SP3…
CVE-2016-0139 — CVSS 7.8 (high): Microsoft Excel 2010 SP2, Word for Mac 2011, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office…
CVE-2016-3284 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2016-7229 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office…
CVE-2016-7231 — CVSS 7.8 (high): Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary…
CVE-2017-8631 — CVSS 7.8 (high): A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2…
CVE-2007-0215 — CVSS 7.6 (high): Stack-based buffer overflow in Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to…
CVE-2007-3030 — CVSS 7.6 (high): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, and 2003 Viewer allows user-assisted remote attackers to execute arbitrary code via a…
CVE-2016-7264 — CVSS 7.1 (high): Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to…
CVE-2015-2378 — CVSS 6.9 (medium): Untrusted search path vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel Viewer 2007 SP3, and Office Compatibility Pack SP3…
CVE-2007-1214 — CVSS 6.8 (medium): Microsoft Excel 2000 SP3, 2002 SP3, 2003 SP2, 2003 Viewer, and 2004 for Mac allows user-assisted remote attackers to execute arbitrary code…
CVE-2019-0669 — CVSS 6.5 (medium): An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel…
CVE-2019-0540 — CVSS 5.5 (medium): A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially…
CVE-2018-8427 — CVSS 5.5 (medium): An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft…
CVE-2018-8378 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable…
CVE-2018-8429 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel…
CVE-2018-8246 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel…
CVE-2018-8382 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel…
CVE-2018-8627 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable…
CVE-2017-11877 — CVSS 5.5 (medium): Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT…
CVE-2006-3875 — CVSS 5.1 (medium): Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted…
CVE-2006-3867 — CVSS 5.1 (medium): Unspecified vulnerability in Microsoft Excel 2000, 2002, 2003, 2004 for Mac, v.X for Mac, and Excel Viewer 2003 allows user-assisted…
CVE-2015-2375 — CVSS 4.3 (medium): Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel Viewer 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel…
CVE-2012-5672 — CVSS 4.3 (medium): Microsoft Excel Viewer (aka Xlview.exe) and Excel in Microsoft Office 2007 (aka Office 12) allow remote attackers to cause a denial of…