CVSS: 9.3EPSS: 55%CPEs: 10EXPL: 0CVE-2017-8631 – Microsoft Office Excel xlsb File Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8631
13 Sep 2017 — A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Me... • http://www.securityfocus.com/bid/100751 •
CVSS: 9.3EPSS: 83%CPEs: 1EXPL: 0CVE-2017-8567
https://notcve.org/view.php?id=CVE-2017-8567
13 Sep 2017 — A remote code execution vulnerability exists in Microsoft Excel for Mac 2011 when it fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution". Existe una vulnerabilidad de ejecución remota de código en Microsoft Excel para Mac 2011 cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Office Remote Code Execution". • http://www.securityfocus.com/bid/100719 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 85%CPEs: 12EXPL: 0CVE-2017-8501
https://notcve.org/view.php?id=CVE-2017-8501
11 Jul 2017 — Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502. Microsoft Office permite una vulnerabilidad de ejecución remota de código debido a la forma en la que gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8502. • http://www.securityfocus.com/bid/99441 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 85%CPEs: 4EXPL: 0CVE-2017-8502
https://notcve.org/view.php?id=CVE-2017-8502
11 Jul 2017 — Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8501. Microsoft Office permite una vulnerabilidad de ejecución remota de código debido a la forma en la que gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8501. • http://www.securityfocus.com/bid/99442 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 52%CPEs: 6EXPL: 0CVE-2017-8510
https://notcve.org/view.php?id=CVE-2017-8510
15 Jun 2017 — A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el programa no puede manejar apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". E... • http://www.securityfocus.com/bid/98813 •
CVSS: 5.4EPSS: 1%CPEs: 6EXPL: 0CVE-2017-0195
https://notcve.org/view.php?id=CVE-2017-0195
12 Apr 2017 — Microsoft Excel Services on Microsoft SharePoint Server 2010 SP1 and SP2, Microsoft Excel Web Apps 2010 SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps Server 2013 SP1 and Office Online Server allows remote attackers to perform cross-site scripting and run script with local user privileges via a crafted request, aka "Microsoft Office XSS Elevation of Privilege Vulnerability." Microsoft Excel Services en Microsoft SharePoint Server 2010 SP1 y SP2, Microsoft Excel Web Apps 2010 SP2, Microso... • http://www.securityfocus.com/bid/97417 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 5.5EPSS: 7%CPEs: 3EXPL: 0CVE-2017-0194
https://notcve.org/view.php?id=CVE-2017-0194
12 Apr 2017 — Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2 y Office Compatibility Pack SP2 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un documento Office manipulado, vulnerabilidad también conocida como "Vulnerabili... • http://www.securityfocus.com/bid/97436 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 10%CPEs: 4EXPL: 0CVE-2017-0006
https://notcve.org/view.php?id=CVE-2017-0006
17 Mar 2017 — Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel V... • http://www.securityfocus.com/bid/96740 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 10%CPEs: 4EXPL: 0CVE-2017-0052
https://notcve.org/view.php?id=CVE-2017-0052
17 Mar 2017 — Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, and CVE-2017-0053. Microsoft Office Compatibility Pack SP3, Excel 2007 SP3, Excel V... • http://www.securityfocus.com/bid/96741 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 12%CPEs: 4EXPL: 0CVE-2017-0020
https://notcve.org/view.php?id=CVE-2017-0020
17 Mar 2017 — Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. Microsoft Excel 2016, Excel 2010 SP2, Excel 2013 RT SP1 y Office Web Apps Server 2013 SP1 p... • http://www.securityfocus.com/bid/96050 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •