10 matches found
CVE-2018-8332
CVE-2018-8332 is a remote code execution vulnerability in the Windows font library (Win32k) where specially crafted embedded fonts are mishandled. It affects a broad set of Windows platforms including Windows 7, Windows 8.1, Windows 10 (and server equivalents listed in the initial entry), as well...
CVE-2018-8147
CVE-2018-8147 is a remote code execution vulnerability in Microsoft Excel (Office) tied to improper handling of in-memory objects. The issue could allow an attacker to run arbitrary code in the context of the current user, potentially taking control of the affected system, as described in multipl...
CVE-2017-11825
Microsoft Office Remote Code Execution Vulnerability (CVE-2017-11825) affects Office 2016 (Click-to-Run) and Office 2016 for Mac. Root cause: improper handling of memory objects when processing files, enabling an attacker to execute arbitrary code in the current user’s security context via a spec...
CVE-2018-8148
CVE-2018-8148 is a remote code execution vulnerability in Microsoft Excel (Office) arising from improper handling of in-memory objects. The issue affects Microsoft Office/Excel and is part of a set including CVE-2018-8147 and CVE-2018-8162; the connected MAC/Office 2018 May 2018 update entry refe...
CVE-2016-7257
CVE-2016-7257 concerns the GDI component in multiple Windows platforms (Vista SP2, Server 2008 SP2/R2 SP1, Windows 7 SP1) and Office for Mac/Office 2016 for Mac. The vulnerability enables a remote attacker to disclose sensitive information from a process’s memory by prompting a user to visit a cr...
CVE-2018-8429
CVE-2018-8429 is an information disclosure vulnerability in Microsoft Excel and related components (Excel Viewer, Office). The underlying issue is that Excel may disclose memory contents. Affected products include Excel 2010 SP2, 2016 (KB4092460), Office compatibility pack, and related Excel/Offi...
CVE-2016-7276
CVE-2016-7276 affects multiple Microsoft Office products (Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, Office 2016 for Mac). The vulnerability is an information disclosure/denial condition caused by an out-of-bounds read in memory when processing crafted Office document...
CVE-2018-8162
CVE-2018-8162 is a remote code execution vulnerability in Microsoft Excel/Office where improper handling of in-memory objects can allow code execution. Affected products include Microsoft Excel (Office) across platforms; the vulnerability is triggered by memory handling flaws in Excel and require...
CVE-2018-8176
CVE-2018-8176 is a remote code execution vulnerability in Microsoft PowerPoint (Microsoft Office) where PowerPoint fails to properly validate XML content. The underlying issue can allow an attacker to run arbitrary code in the context of the logged-in user after a crafted PowerPoint file is opene...
CVE-2018-8412
CVE-2018-8412 concerns Microsoft Office for Mac and the Microsoft AutoUpdate (MAU) component. The vulnerability arises because MAU improperly validates updates before installing them, enabling an attacker who can run code on the target to elevate privileges by placing a crafted executable in a sp...