Lucene search
+L
MicrosoftInfopath2007

4 matches found

CVE
CVE
added 2015/11/11 11:0 a.m.116 views

CVE-2015-2503

CVE-2015-2503 is an Office Elevation of Privilege vulnerability that can be triggered via a crafted web site loaded in Internet Explorer to bypass sandbox protections and gain privileges. The initial CVE entry lists Microsoft Office 2007–2016 products (Word, Excel, PowerPoint, Access, InfoPath, V...

9.3CVSS6.8AI score0.1684EPSS
CVE
CVE
added 2016/03/09 11:0 a.m.89 views

CVE-2016-0021

CVE-2016-0021 is a memory corruption vulnerability in Microsoft Office components (InfoPath 2007 SP3, InfoPath 2010 SP2, InfoPath 2013 SP1) that allows remote code execution via specially crafted Office documents. Root cause: improper handling of in-memory objects during parsing leads to memory c...

9.3CVSS7.7AI score0.23429EPSS
CVE
CVE
added 2012/10/09 9:0 p.m.80 views

CVE-2012-2520

CVE-2012-2520 is a cross-site scripting vulnerability in Microsoft’s HTML sanitization component affecting multiple products (InfoPath 2007/2010, Communicator/Lync 2010, SharePoint Server/Foundation, Groove Server, Office Web Apps). The issue arises from improper input filtering in the HTML sanit...

4.3CVSS5.6AI score0.28477EPSS
CVE
CVE
added 2008/07/07 11:0 p.m.69 views

CVE-2008-3068

Microsoft Crypto API 5.131.2600.2180 through 6.0 (used in Outlook, Windows Live Mail, and Office 2007) performs CRL checks by using an arbitrary URL from a certificate embedded in an S/MIME email or a signed document via the Authority Information Access (AIA) extension. This allows remote attacke...

7.5CVSS6.7AI score0.17404EPSS