11 matches found
CVE-2019-0585
CVE-2019-0585 is a remote code execution vulnerability in Microsoft Word/Office products caused by improper handling of objects in memory. Exploitation could occur via specially crafted Word files, potentially in contexts like email/preview panes, with the attacker gaining the same user rights as...
CVE-2018-1028
CVE-2018-1028 is a remote code execution vulnerability in the Office graphics component that occurs when handling specially crafted embedded fonts. It affects Word, Microsoft Office, SharePoint, Excel, and SharePoint Server. Successful exploitation could allow an attacker to take control of the a...
CVE-2018-8378
CVE-2018-8378 describes an information disclosure in Microsoft Office when Office reads out-of-bounds memory due to an uninitialized variable, potentially exposing memory contents. Affected components include Word, SharePoint Server, Word/Excel Viewers, and related Office products. Connected Open...
CVE-2012-2528
CVE-2012-2528 is a use-after-free remote code execution vulnerability in Microsoft Word and related components triggered by specially crafted RTF documents. Affected products include Word 2003 SP3, Word 2007 SP2/SP3, Word 2010 SP1, Word Viewer, Office Compatibility Pack SP2/SP3, Word Automation S...
CVE-2019-0561
CVE-2019-0561 is an information-disclosure vulnerability in Microsoft Word/Office related to improper handling of Word fields, specifically via Word macro buttons. The issue allows reading arbitrary files from the targeted system. Multiple Nessus/OpenVAS entries and advisories group CVE-2019-0561...
CVE-2016-7290
CVE-2016-7290 affects Microsoft Word/Office components (Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, Office Web Apps 2010 SP2). The vulnerability allows a crafted document to cause an out-o...
CVE-2017-8512
Technical details about CVE-2017-8512 (affected product/version/root cause/impact/fix) are not provided in the connected documents. Monitor official advisories for updates; current materials do not specify exploitation or remediation information.
CVE-2016-7291
CVE-2016-7291 affects Microsoft Office components including Word 2007 SP3, Office 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2. A crafted document can cause information disclosure by reading memory...
CVE-2016-7233
CVE-2016-7233 is an information-disclosure/out-of-bounds-read vulnerability in multiple Microsoft Office components (e.g., Word 2007, Office 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Web Apps 2010 SP2, SharePoint 2013 components, and Office Automation Services). A craft...
CVE-2017-0105
CVE-2017-0105 is an information-disclosure vulnerability in Microsoft Office components (Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Office Web Apps 2010 SP2) caused by an out-of-bounds re...
CVE-2015-0064
CVE-2015-0064 corresponds to a memory-corruption remote-code-execution vulnerability in Microsoft Word 2007 SP3, Office 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer and Office Compatibility Pack SP3. The issue arises when processing a crafte...