26 matches found
Remote Code Execution Vulnerability in Multiple Microsoft Products
Microsoft PowerPoint 2007 SP3 are products of Microsoft Corporation.Microsoft PowerPoint 2007 SP3 is a document presentation tool in the Office suite; SharePoint Server 2013 SP1 is an enterprise business collaboration platform; Office Web Apps 2010 SP2 is a Web-based office software suite. A remo...
CVE-2017-0106
Microsoft Excel 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1, and Microsoft Outlook 2016 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."...
CVE-2017-0006
Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."...
CVE-2016-7244
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service application hang via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."...
Denial of service
Microsoft Office 2007 SP3 allows remote attackers to cause a denial of service application hang via a crafted Office document, aka "Microsoft Office Denial of Service Vulnerability."...
Microsoft Office CVE-2016-7244 Denial of Service Vulnerability
Description Microsoft Office is prone to a remote denial of service vulnerability. An attacker can exploit this issue to cause a denial of service condition. Technologies Affected Microsoft Office 2007 SP3 Recommendations Block external access at the network boundary, unless external parties...
Information disclosure
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability."...
MS16-107: Description of the security update for Outlook 2007: September 13, 2016
MS16-107: Description of the security update for Outlook 2007: September 13, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see...
MS16-099: Description of the security update for OneNote 2007: August 9, 2016
MS16-099: Description of the security update for OneNote 2007: August 9, 2016 Summary This security update resolves vulnerabilities in Microsoft Office that could allow remote code execution if a user opens a specially crafted Office file. To learn more about these vulnerabilities, see Microsoft...
PT-2016-2169 · Microsoft · Office Visio +1
Name of the Vulnerable Software and Affected Versions: Microsoft Visio versions 2007 SP3 through 2016 Microsoft Visio Viewer versions 2007 SP3 through 2010 Description: The issue is related to errors in library loading, which can allow a remote attacker to elevate their privileges using a special...
CVE-2015-2415
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."...
CVE-2015-1650
Use-after-free vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allows remote...
CVE-2015-1641
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, and Office Web Apps Server 2010 SP2 and 2013 SP1 allow remote attackers to execute...
PT-2014-2028 · Microsoft · Windows Server 2008 +5
Name of the Vulnerable Software and Affected Versions: Microsoft Windows Server versions 2003 SP2 through 2008 SP2 and R2 SP1 Microsoft Windows Vista version SP2 Microsoft Windows 7 version SP1 Microsoft Office version 2007 SP3 Description: The issue is related to the Input Method Editor IME...
VulnCheck KEV: CVE-2013-5057
hxds.dll in Microsoft Office 2007 SP3 and 2010 SP1 and SP2 does not implement the ASLR protection mechanism, which makes it easier for remote attackers to execute arbitrary code via a crafted COM component on a web site that is visited with Internet Explorer, as exploited in the wild in...
CVE-2013-3890
Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability."...
CVE-2013-3848
Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory...
CVE-2013-3851
Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...
CVE-2013-3870
Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka "Message Certificate Vulnerability."...
CVE-2013-3855
Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted Office document, aka "Word Memory Corruption Vulnerability."...