Memory corruption

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."...

CVE-2017-0006

Technical details (affected products, root cause, and remediation) are not provided in the connected documents beyond the initial CVE summary; monitor for updates.

CVE-2017-0052

Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service memory corruption via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."...

Memory corruption

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013...

Microsoft Office CVE-2016-3362 Memory Corruption Vulnerability

Description Microsoft Office is prone to a remote memory-corruption vulnerability because it fails to properly handle objects in memory. An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in deni...

MS16-015: Security Update for Microsoft Office to Address Remote Code Execution: February 9, 2016

Describes a security update that fixes vulnerabilities in Microsoft Office. The most severe of these vulnerabilities could allow remote code execution if a user opens a specially crafted Microsoft Office file.SummaryThis security update resolves vulnerabilities in Microsoft Office. To learn more...

Memory corruption

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to execute arbitrary code v...

Microsoft SharePoint Server Excel Services Multiple Vulnerabilities (3104540)

This host is missing an important security update according to Microsoft Bulletin MS15-116. SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE...

KLA10582 Code execution vulnerability in Microsoft Sharepoint Server

An unspecified vulnerability was found in Microsoft SharePoint Server. By exploiting this vulnerability malicious users can execute arbitrary code. This vulnerability can be exploited remotely via a specially designed page content. Original advisories Microsoft bulletin CVE-2015-1700 Related...

Microsoft Office SharePoint Server 2007 Remote Code Execution

No description provided by source. This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3...

Microsoft XML Core Services Remote Code Execution Vulnerabilities (2756145)

This host is missing a critical security update according to Microsoft Bulletin MS13-002. SPDX-FileCopyrightText: 2013 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

Microsoft多个产品HTML过滤组件跨站脚本执行漏洞（MS12-066）

CVECAN ID: CVE-2012-2520 Microsoft是一家基于美国的跨国电脑科技公司。以研发、制造、授权和提供广泛的电脑软件服务业务为主。 Microsoft多个产品在HTML过滤组件内没有正确过滤某些输入即返给用户使用。成功利用此漏洞的攻击者可执行跨站脚本攻击并以当前用户权限运行脚本。 0 Microsoft SharePoint Server 2007 Microsoft Office Web Apps Microsoft Groove Server 2010 Microsoft Lync 2010 Microsoft Office Communicator 2007...

MS10-104 Microsoft Office SharePoint Server 2007 Remote Code Execution

This module exploits a vulnerability found in SharePoint Server 2007 SP2. The software contains a directory traversal, that allows a remote attacker to write arbitrary files to the filesystem, sending a specially crafted SOAP ConvertFile request to the Office Document Conversions Launcher Service...

Microsoft Office SharePoint Server 2007 Remote Code Execution

This file is part of the Metasploit Framework and may be subject to redistribution and commercial restrictions. Please see the Metasploit web site for more information on licensing and terms of use. http://metasploit.com/ require 'msf/core' class Metasploit3 'Microsoft Office SharePoint Server 20...

CVE-2012-1860

CVE-2012-1860 affects Microsoft SharePoint components: SharePoint Server 2007 (SP2/SP3), SharePoint Server 2010 (Gold/SP1), and Office Web Apps 2010 (Gold/SP1). The root cause is improper permission checks for search scopes, enabling remote authenticated users to view or tamper with other users’ ...

CVE-2011-1892

CVE-2011-1892 targets SharePoint-related products (SharePoint Server/Workspace/ Groove components, Office Web Apps, Windows SharePoint Services, etc.). The flaw is an XXE-style vulnerability where Web Parts containing XML classes referencing external entities allow remote authenticated users to r...

CVE-2010-3964

Unrestricted file upload vulnerability in the Document Conversions Launcher Service in Microsoft Office SharePoint Server 2007 SP2, when the Document Conversions Load Balancer Service is enabled, allows remote attackers to execute arbitrary code via a crafted SOAP request to TCP port 8082, aka...

CVE-2010-0263

Microsoft Office Excel 2007 SP1 and SP2; Office 2008 for Mac; Open XML File Format Converter for Mac; Office Excel Viewer SP1 and SP2; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP1 and SP2; and Office SharePoint Server 2007 SP1 and SP2 do not validate ZIP headers...

MS07-059: Vulnerability in Windows SharePoint Could Result in Elevation of Privilege (942017)

The remote host is running a version of SharePoint Server 2007 or SharePoint Services 3.0 that is vulnerable to a privilege elevation attack in the SharePoint site. An attacker may use this to execute scripts in the context of the SharePoint site. C Tenable Network Security, Inc...

Security Update for Microsoft Office SharePoint Server 2007 (KB2687405) 64-Bit Edition

A security vulnerability exists in Microsoft Office SharePoint Server 2007 64-Bit Edition that could allow arbitrary code to run when a maliciously modified file is opened. This update resolves that vulnerability...