Lucene search
K

204 matches found

OpenVAS
OpenVAS
added 2018/04/11 12:0 a.m.37 views

Microsoft Word 2016 Information Disclosure Vulnerability (KB4018339)

This host is missing an important security update according to Microsoft KB4018339 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

6.5CVSS6.1AI score0.09024EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/04/11 12:0 a.m.41 views

Microsoft Word 2010 Service Pack 2 Information Disclosure Vulnerability (KB4018359)

This host is missing an important security update according to Microsoft KB4018359 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

6.5CVSS6.1AI score0.09024EPSS
Exploits0References1
OpenVAS
OpenVAS
added 2018/04/11 12:0 a.m.87 views

Microsoft Office Compatibility Pack Service Pack 3 Information Disclosure Vulnerability (KB4018354)

This host is missing an important security update according to Microsoft KB4018354 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

6.5CVSS6.1AI score0.09024EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2018/04/11 12:0 a.m.42 views

Microsoft Word 2013 Service Pack 1 Information Disclosure Vulnerability (KB4018347)

This host is missing an important security update according to Microsoft KB4018347 SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

6.5CVSS6.1AI score0.09024EPSS
Exploits0References1
Microsoft CVE
Microsoft CVE
added 2018/04/10 7:0 a.m.31 views

Microsoft Office Information Disclosure Vulnerability

An information disclosure vulnerability exists when Office renders Rich Text Format RTF email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the...

6.5CVSS1.1AI score0.09024EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2018/04/10 12:0 a.m.216 views

Security Updates for Microsoft Office Products (April 2018)

The Microsoft Office Products are missing security updates. It is, therefore, affected by multiple vulnerabilities : - An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the...

9.3CVSS8.2AI score0.41319EPSS
Exploits0References12
Fedora
Fedora
added 2018/03/06 5:35 p.m.19 views

[SECURITY] Fedora 27 Update: sharutils-4.15.2-8.fc27

The sharutils package contains the GNU shar utilities, a set of tools for encoding and decoding packages of files in binary or text format in a special plain text format called shell archives shar. This format can be sent through e-mail which can be problematic for regular binary files. T he shar...

0.1AI score
Exploits0
OSV
OSV
added 2018/01/25 8:29 a.m.3 views

CVE-2018-6217

The WStr::allociostrdata function in kso.dll in Kingsoft WPS Office 10.1.0.7106 and 10.2.0.5978 allows remote attackers to cause a denial of service application crash via a crafted a web page, b office document, or c .rtf file...

5.5CVSS5.8AI score0.00894EPSS
Exploits1References1
CNVD
CNVD
added 2018/01/25 12:0 a.m.1 views

Kingsoft WPS Office Denial of Service Vulnerability

Kingsoft WPS Office is an office software suite from the Chinese company Kingsoft, commonly used components include Writer word processing, Spreadsheets spreadsheets and Presentation presentations. A security vulnerability exists in the 'WStr::allociostrdata' function of the kso.dll file in...

5.5CVSS6.8AI score0.00894EPSS
Exploits1References1
OSV
OSV
added 2018/01/10 1:29 a.m.3 views

CVE-2018-0797

Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability"...

7.8CVSS6.3AI score0.24764EPSS
Exploits0References3
seebug.org
seebug.org
added 2017/09/14 12:0 a.m.557 views

FireEye Uncovers CVE-2017-8759: Zero-Day Used in the Wild to Distribute FINSPY

FireEye recently detected a malicious Microsoft Office RTF document that leveraged CVE-2017-8759, a SOAP WSDL parser code injection vulnerability. This vulnerability allows a malicious actor to inject arbitrary code during the parsing of SOAP WSDL definition contents. FireEye analyzed a Microsoft...

9.3CVSS8.9AI score0.99933EPSS
Exploits40
Tenable Nessus
Tenable Nessus
added 2016/10/17 12:0 a.m.30 views

openSUSE Security Update : libreoffice (openSUSE-2016-1192)

LibreOffice was updated to version 5.1.5.2, bringing enhancements and bug fixes. - CVE-2016-4324: Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents could be constructed which dereference an iterator to the first entry of an empty STL container...

7.8CVSS7.2AI score0.02842EPSS
Exploits1References3
OSV
OSV
added 2016/10/14 2:59 a.m.2 views

CVE-2016-7193

Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps...

7.8CVSS6.1AI score0.57705EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2016/10/11 12:0 a.m.6 views

PT-2016-3358 · Microsoft · Sharepoint Server +8

Name of the Vulnerable Software and Affected Versions: Microsoft Office versions 2007 SP2 through 2016 Microsoft Word versions 2007 SP2 through 2016 Microsoft Word for Mac versions 2011 through 2016 Office Compatibility Pack version SP3 Word Viewer affected versions not specified Word Automation...

10CVSS8.2AI score0.57705EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2016/10/07 12:0 a.m.43 views

SUSE SLED12 Security Update : libreoffice (SUSE-SU-2016:2472-1)

LibreOffice was updated to version 5.1.5.2, bringing enhancements and bug fixes. - CVE-2016-4324: Parsing the Rich Text Format character style index was insufficiently checked for validity. Documents could be constructed which dereference an iterator to the first entry of an empty STL container...

7.8CVSS7.2AI score0.02842EPSS
Exploits1References5
Check Point Advisories
Check Point Advisories
added 2016/08/09 12:0 a.m.5 views

Microsoft Office Memory Corruption (MS16-099: CVE-2016-3317)

A remote code execution vulnerability has been reported in Microsoft Office. The vulnerability is caused when Microsoft Office does not properly handle rich text format files in memory. A remote attacker can exploit this issue by enticing a user to open a specially crafted file with an affected...

9.3CVSS7.7AI score0.22127EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2016/07/08 12:0 a.m.49 views

LibreOffice < 5.1.4 RTF Character Style Index RCE

The version of LibreOffice installed on the remote Windows host is prior to 5.1.4. It is, therefore, affected by a use-after-free error during Rich Text Format RTF file parsing due to improper validation of the RTF character style index. An unauthenticated, remote attacker can exploit this, by...

7.8CVSS7.7AI score0.02842EPSS
Exploits1References4
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.4 views

The vulnerability of the Microsoft Office software allows a malicious actor to execute arbitrary code with privileges of the current user.

The Microsoft Office suite contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized attacker to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.97327EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.6 views

The vulnerability of the Microsoft Office Web Apps package allows a malicious actor to execute arbitrary code with privileges of the current user.

The Microsoft Office Web Apps software package contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.97327EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2016/07/07 12:0 a.m.5 views

The vulnerability of Microsoft Word text editors allows a malicious actor to execute arbitrary code with the privileges of the current user.

Microsoft Word’s text editor contains a vulnerability related to errors that occur due to improper processing of specially crafted RTF files. Exploiting this vulnerability could allow an unauthorized intruder to execute arbitrary code with privileges of the current user...

9.3CVSS8.2AI score0.97327EPSS
Exploits1References3
Rows per page
Query Builder