CVE-2018-8412: by MS Office for Mac Legacy Package to provide the right-vulnerability warning-the black bar safety net

Note: a patch has been released, please will you MAU upgrade to 18081201 ! Microsoft Autoupdate Helper 3.18180410 + legacy SilverLight insecure installer package EoP Scope of impact: Microsoft Office for Mac 2016 and SkypeForBusiness（16.17.0.65） This report relates to two main defects: 1. Code...

Microsoft Office Elevation of Privilege Vulnerability (CNVD-2018-16847)

Microsoft Office is an office software suite of products developed by the American Microsoft Corporation Microsoft. An elevation of privilege vulnerability exists in Microsoft Office 2016 for Mac, which stems from the program not properly validating updates before executing them. A remote attacke...

Microsoft Office Remote Code Execution Vulnerability - Mac OS X (KB3212224)

This host is missing an important security update according to Microsoft KB3212224 SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescriptio...

Remote code execution

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1,...

CVE-2016-7264

CVE-2016-7264 affects Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac. It enables information disclosure via an out-of-bounds memory read in a crafted document; impact is memory contents exposure. No exploitation details are provid...

CVE-2015-6123

Cross-site scripting XSS vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message that is mishandled by Outlook for Mac, aka "Microsoft Outlook for Mac Spoofing Vulnerability."...

Memory corruption

Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office for Mac 2011, Office for Mac 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Word Web Apps 2010 SP2, and Office Web Apps Server...

Microsoft Office CVE-2015-2477 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in...