162 matches found
CVE-2019-0947
Summary: CVE-2019-0947 is a remote code execution vulnerability in the Microsoft Office Access Connectivity Engine caused by improper handling of objects in memory. The available documents identify the affected component as the Office Access Connectivity Engine, but do not disclose affected versi...
Microsoft Office 2013 Service Pack 1 Multiple Vulnerabilities (KB4464561)
This host is missing an important security update according to Microsoft KB4464561 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Office 2010 Service Pack 2 Multiple Vulnerabilities (KB4464567)
This host is missing an important security update according to Microsoft KB4464567 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Office 2016 Multiple Vulnerabilities (KB4464551)
This host is missing an important security update according to Microsoft KB4464551 Copyright C 2019 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This...
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by entici...
Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by entici...
KLA11484 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An elevation of privilege vulnerability in...
CVE-2018-20053
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network...
CVE-2018-20052
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...
Command injection
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network...
CVE-2018-20052
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...
CVE-2018-20053
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network...
Command injection
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...
CVE-2018-20053
CVE-2018-20053 affects Cerner Connectivity Engine (CCE) 4 devices. The hostname, timezone, and NTP server configurations on the CCE are vulnerable to command injection when a crafted configuration file is sent over the network. The available documents do not specify affected versions beyond “CCE ...
CVE-2018-20053
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The hostname, timezone, and NTP server configurations on the CCE device are vulnerable to command injection by sending a crafted configuration file over the network...
CVE-2018-20052
The CVE-2018-20052 entry concerns Cerner Connectivity Engine (CCE) 4 devices where the user running the main CCE firmware has NOPASSWD sudo privileges to several utilities, enabling potential root privilege escalation. A concrete example is the command: sudo ln -s /tmp/script /etc/cron.hourly/scr...
CVE-2018-20052
An issue was discovered on Cerner Connectivity Engine CCE 4 devices. The user running the main CCE firmware has NOPASSWD sudo privileges to several utilities that could be used to escalate privileges to root. One example is the "sudo ln -s /tmp/script /etc/cron.hourly/script" command...
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite is related to object processing errors in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite is related to errors in object processing in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite allows a perpetrator to execute arbitrary code.
The vulnerability of the Microsoft Office Access Connectivity Engine component of the Microsoft Office software suite is related to errors in object handling in memory. Exploiting this vulnerability can allow an attacker to execute arbitrary code using a specially created file...