Known Vulnerabilities for Office Web Components by Microsoft

Listed below are 10 of the newest known vulnerabilities associated with "Office Web Components" by "Microsoft".

These CVEs are retrieved based on exact matches on listed software, hardware, and vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed software information are still displayed.

Data on known vulnerable versions is also displayed based on information from known CPEs

Known Vulnerabilities

CVE Shortened Description Severity Publish Date Last Modified
CVE-2012-1856 The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components ... 9.3 - HIGH 2012-08-15 2018-11-07
CVE-2012-0158 The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in M... 9.3 - HIGH 2012-04-10 2018-10-12
CVE-2009-2496 Heap-based buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office X... 9.3 - HIGH 2009-08-12 2018-10-12
CVE-2009-1534 Buffer overflow in the Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2000 Web Components SP3, Offi... 9.3 - HIGH 2009-08-12 2018-10-12
CVE-2009-1136 The Microsoft Office Web Components Spreadsheet ActiveX control (aka OWC10 or OWC11), as distributed in Office XP SP3 and Off... 9.3 - HIGH 2009-07-15 2018-10-12
CVE-2009-0562 The Office Web Components ActiveX Control in Microsoft Office XP SP3, Office 2003 SP3, Office XP Web Components SP3, Office 2... 9.3 - HIGH 2009-08-12 2018-10-12
CVE-2006-4695 Unspecified vulnerability in certain COM objects in Microsoft Office Web Components 2000 allows user-assisted remote attacker... 9.3 - HIGH 2006-12-31 2018-10-12
CVE-2002-0861 Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attackers to bypass the "Allow paste operations via script"... 7.5 - HIGH 2002-09-24 2018-10-12
CVE-2002-0860 The LoadText method in the spreadsheet component in Microsoft Office Web Components (OWC) 2000 and 2002 allows remote attacke... 5 - MEDIUM 2002-09-24 2018-10-12
CVE-2002-0727 The Host function in Microsoft Office Web Components (OWC) 2000 and 2002 is exposed in components that are marked as safe for... 7.5 - HIGH 2002-09-24 2018-10-12
Results limited to 10 most recent vulnerabilities

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationMicrosoftOffice Web ComponentsxpAllAllAll
ApplicationMicrosoftOffice Web Components2003sp3AllAll
ApplicationMicrosoftOffice Web Components2002AllAllAll
ApplicationMicrosoftOffice Web Components2000AllAllAll
ApplicationMicrosoftOffice Web Components-AllAllAll
© CVE.report 2026 |

Use of this information constitutes acceptance for use in an AS IS condition. There are NO warranties, implied or otherwise, with regard to this information or its use. Any use of this information is at the user's risk. It is the responsibility of user to evaluate the accuracy, completeness or usefulness of any information, opinion, advice or other content. EACH USER WILL BE SOLELY RESPONSIBLE FOR ANY consequences of his or her direct or indirect use of this web site. ALL WARRANTIES OF ANY KIND ARE EXPRESSLY DISCLAIMED. This site will NOT BE LIABLE FOR ANY DIRECT, INDIRECT or any other kind of loss.

CVE, CWE, and OVAL are registred trademarks of The MITRE Corporation and the authoritative source of CVE content is MITRE's CVE web site. This site includes MITRE data granted under the following license.

CVE.report and Source URL Uptime Status status.cve.report