Office@2013 Security Vulnerabilities and Issues — Office@2013 CVE List

Lucene search

MicrosoftOffice2013

25 matches found

CVE•added 2019/01/08 9:29 p.m.•1024 views

CVE-2019-0541

A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Interne...

9.3CVSS7.9AI score0.84144EPSS

CVE•added 2019/07/15 7:15 p.m.•253 views

CVE-2019-1084

An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisib...

6.5CVSS5.3AI score0.07824EPSS

CVE•added 2019/07/29 2:9 p.m.•201 views

CVE-2019-1111

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1110.

9.3CVSS8.8AI score0.27063EPSS

CVE•added 2019/08/14 9:15 p.m.•169 views

CVE-2019-1155

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.An attacker could exploit this vulnerability by enticing a victim to open...

9.3CVSS8.8AI score0.09677EPSS

CVE•added 2019/09/11 10:15 p.m.•165 views

CVE-2019-1246

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka 'Jet Database Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-1240, CVE-2019-1241, CVE-2019-1242, CVE-2019-1243, CVE-2019-1247, CVE-2019-1248,...

9.3CVSS8.5AI score0.35463EPSS

CVE•added 2019/01/08 9:29 p.m.•146 views

CVE-2019-0582

A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory, aka "Jet Database Engine Remote Code Execution Vulnerability." This affects Windows 7, Windows Server 2012 R2, Windows RT 8.1, Windows Server 2008, Windows Server 2019, Windows Se...

9.3CVSS8AI score0.35437EPSS

CVE•added 2019/07/29 2:8 p.m.•138 views

CVE-2019-1109

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerabi...

9.1CVSS8.6AI score0.07967EPSS

CVE•added 2019/10/10 2:15 p.m.•106 views

CVE-2019-1331

9.3CVSS8.8AI score0.37247EPSS

CVE•added 2019/09/11 10:15 p.m.•105 views

CVE-2019-1264

A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

7.8CVSS7.5AI score0.07973EPSS

CVE•added 2019/12/10 10:15 p.m.•104 views

CVE-2019-1464

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5AI score0.13324EPSS

CVE•added 2019/03/06 12:0 a.m.•96 views

CVE-2019-0540

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

5.5CVSS5.5AI score0.12875EPSS

CVE•added 2019/11/12 7:15 p.m.•95 views

CVE-2019-1402

An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.

5.5CVSS5.1AI score0.02127EPSS

CVE•added 2019/03/06 12:0 a.m.•94 views

CVE-2019-0672

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0673, CVE-2019-0674, CVE-...

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2019/12/10 10:15 p.m.•94 views

CVE-2019-1400

An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.

5.5CVSS5AI score0.01654EPSS

CVE•added 2019/11/12 7:15 p.m.•94 views

CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5CVSS5.6AI score0.08477EPSS

CVE•added 2019/04/09 9:29 p.m.•91 views

CVE-2019-0801

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addre...

7.8CVSS7.7AI score0.23271EPSS

CVE•added 2019/05/16 7:29 p.m.•91 views

CVE-2019-0946

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2019/03/06 12:0 a.m.•90 views

CVE-2019-0673

9.3CVSS7.9AI score0.31336EPSS

CVE•added 2019/05/16 7:29 p.m.•89 views

CVE-2019-0945

9.3CVSS7.9AI score0.24224EPSS

CVE•added 2019/03/06 12:0 a.m.•88 views

CVE-2019-0671