15 matches found
CVE-2013-3906
CVE-2013-3906 is a memory corruption vulnerability in Microsoft Windows Graphics Component (TIFF handling) that could allow remote code execution. It affected GDI+ in Windows Vista SP2/Server 2008 SP2 and Office suites (Office 2003 SP3, 2007 SP3, 2010 SP1/SP2, Office Compatibility Pack SP3) and L...
CVE-2018-8628
CVE-2018-8628 is a remote code execution vulnerability affecting Microsoft PowerPoint and related Office components (Office, SharePoint, PowerPoint Viewer, etc.) caused by improper handling of objects in memory. The Nessus/OpenVAS entries confirm the vulnerability across PowerPoint and Office pro...
CVE-2018-8432
CVE-2018-8432 is a remote code execution in Microsoft Graphics Components. It affects Windows and Office components (e.g., Office, Word Viewer, Excel Viewer, PowerPoint Viewer) across multiple Windows and Office versions; the underlying issue is how Graphics Components handle objects in memory. E...
CVE-2017-8742
Two CVEs (CVE-2017-8742 and CVE-2017-8743) describe remote code execution in Microsoft PowerPoint family and associated server/web apps due to improper handling of objects in memory. CVE-2017-8742 affects PowerPoint up to 2016, PowerPoint Viewer 2007, SharePoint Server 2013 SP1, SharePoint Enterp...
CVE-2008-3013
CVE-2008-3013 corresponds to a GDI+ GIF parsing vulnerability. The connected KB954593 (MS08-052) describes remote code execution in Windows GDI+ when a user views a specially crafted GIF, affecting multiple Windows versions and Office components. The underlying issue is memory corruption during G...
CVE-2019-0540
CVE-2019-0540 is a security feature bypass in Microsoft Office where URLs are not properly validated, enabling phishing-style credential theft when a victim opens a specially crafted file (Word component). The vulnerability is addressed by Microsoft Office security updates released in February 20...
CVE-2011-0655
CVE-2011-0655 affects Microsoft PowerPoint and related Office components. The vulnerability arises when PowerPoint reads an invalid TimeColorBehaviorContainer Floating Point record in a PowerPoint file, with insufficient validation allowing remote code execution or memory corruption. Affected pro...
CVE-2010-2573
CVE-2010-2573 is a PowerPoint remote-code-execution vulnerability caused by an integer underflow while parsing PowerPoint files. Affected are Microsoft PowerPoint 2002 SP3, 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac. Microsoft’s MS10-088 security bulletin provides a patch for the vu...
CVE-2016-3360
CVE-2016-3360 affects multiple Microsoft Office components, notably PowerPoint and related Office apps. The vulnerability is a memory corruption issue in which a crafted document can cause remote code execution on the affected host. Affected products include PowerPoint 2007 SP3, 2010 SP2, 2013 SP...
CVE-2015-1682
Microsoft Office Multiple Remote Code Execution Vulnerabilities (CVE-2015-1682) affect Office/SharePoint components across Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, Word/Excel/PowerPoint/SharePoint-related services, etc. Root cause: memory corruption triggered by processing a crafted...
CVE-2016-7230
CVE-2016-7230 affects Microsoft PowerPoint 2010 SP2, PowerPoint Viewer, and Office Web Apps 2010 SP2. The root cause is memory corruption from improper handling of objects in memory, enabling remote code execution when a user opens a specially crafted Office document. Exploitation requires user a...
CVE-2018-8427
CVE-2018-8427 is an information-disclosure vulnerability in Microsoft Graphics Components that affects Microsoft Office family products (Office, Word Viewer, PowerPoint/Excel Viewers, Office 365 ProPlus) and related Windows components (Windows Server 2008). The root cause involves improper handli...
CVE-2018-8501
CVE-2018-8501 is a remote code execution flaw in Microsoft PowerPoint/Office caused by improper handling of objects in Protected View. The vulnerability allows a remote attacker to run arbitrary code in the context of the current user, with the potential for system compromise if the user has admi...
CVE-2011-0656
Microsoft Office PowerPoint vulnerability CVE-2011-0656 arises from improper validation of PersistDirectoryEntry records in PowerPoint documents. A Slide containing a malformed record can trigger an exception and subsequent use of a malformed object, enabling remote code execution or memory corru...
CVE-2011-3413
CVE-2011-3413 affects Microsoft Office products including PowerPoint 2007 SP2, Office 2008 for Mac, Office Compatibility Pack SP2, and PowerPoint Viewer 2007 SP2. The root cause is improper handling of OfficeArt shape records in PowerPoint documents, leading to memory corruption that can enable r...