5 matches found
Security Updates for Microsoft Word Products C2R (December 2023)
The Microsoft Word application installed on the remote host is missing a security update. It is, therefore, affected by an information disclosure vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
Vulnerabilities fixed in Microsoft Office
Microsoft has fixed vulnerabilities in several Office products. A malicious party could exploit the vulnerabilities to impersonate another user or gain access to sensitive data, potentially including full access to the local file system. Successful exploitation requires the malicious party to tri...
CVE-2023-36009
Microsoft Word Information Disclosure Vulnerability...
CVE-2023-36009 Microsoft Word Information Disclosure Vulnerability
...
CVE-2023-36009
CVE-2023-36009 is a Microsoft Word information-disclosure vulnerability. Evidence in connected docs confirms Word/Office is affected and that public exploits exist. CVSS v3.1 base score 5.5 (Medium); attack vector is Local, with low attack complexity and user interaction required, potentially exp...