CVSS: 9.3EPSS: 27%CPEs: 9EXPL: 0CVE-2018-0793
https://notcve.org/view.php?id=CVE-2018-0793
Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791. Microsoft Outlook 2007, Microsoft Outlook 2010 y Microsoft Outlook 2013 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se analizan los mensajes de email. Esto también se conoce como "Microsoft Outlook Remote Code Execution Vulnerability". Este CVE es diferente de CVE-2018-0791. • http://www.securityfocus.com/bid/102375 http://www.securitytracker.com/id/1040154 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0793 •
CVSS: 9.3EPSS: 15%CPEs: 9EXPL: 0CVE-2018-0794
https://notcve.org/view.php?id=CVE-2018-0794
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792. Microsoft Word en Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Word Remote Code Execution Vulnerability". Este CVE es diferente de CVE-2018-0792. • http://www.securityfocus.com/bid/102373 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0794 •
CVSS: 9.3EPSS: 15%CPEs: 5EXPL: 0CVE-2018-0795
https://notcve.org/view.php?id=CVE-2018-0795
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability". Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Office Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/102356 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0795 •
CVSS: 9.3EPSS: 88%CPEs: 11EXPL: 1CVE-2018-0798 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2018-0798
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". Equation Editor en Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. • https://github.com/Sunqiz/CVE-2018-0798-reproduction http://www.securityfocus.com/bid/102370 http://www.securitytracker.com/id/1040153 https://0patch.blogspot.com/2018/01/bringing-abandoned-equation-editor-back.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0798 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 0%CPEs: 4EXPL: 0CVE-2017-11854
https://notcve.org/view.php?id=CVE-2017-11854
Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability". Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2 y Microsoft Office Compatibility Pack Service Pack 3 permiten que un atacante ejecute código arbitrario en el contexto del usuario actual al no gestionar correctamente los objetos en la memoria. Esta vulnerabilidad también se conoce como "Microsoft Word Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/101746 http://www.securitytracker.com/id/1039795 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11854 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •