CVSS: 9.3EPSS: 18%CPEs: 11EXPL: 0CVE-2017-8742
https://notcve.org/view.php?id=CVE-2017-8742
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743. Existe una vulnerabilidad de ejecución remota de código en Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2 y Microsoft Office Compatibility Pack Service Pack 3 cuando manejan incorrectamente objetos en la memoria. Esto también se conoce como "PowerPoint Remote Code Execution Vulnerability" El ID de este CVE es distinto a CVE-2017-8743. • http://www.securityfocus.com/bid/100741 http://www.securitytracker.com/id/1039323 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.6EPSS: 9%CPEs: 13EXPL: 0CVE-2017-8696
https://notcve.org/view.php?id=CVE-2017-8696
Windows Uniscribe in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an attacker to execute code remotely via a specially crafted website or a specially crafted document or email attachment, aka "Microsoft Graphics Component Remote Code Execution." El componente Uniscribe de Windows en Microsoft Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 y 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee y Live Meeting 2007 Add-in y Console permite que un atacante ejecute código remotamente mediante una página web, un documento o archivo de correo adjunto especialmente manipulados. Esto también se conoce como "Microsoft Graphics Component Remote Code Execution". • http://www.securityfocus.com/bid/100780 http://www.securitytracker.com/id/1039344 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8696 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 24%CPEs: 8EXPL: 0CVE-2017-8632
https://notcve.org/view.php?id=CVE-2017-8632
A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8631, and CVE-2017-8744. Existe una vulnerabilidad de ejecución remota de código en Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3 cuando no se gestionan correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8630, CVE-2017-8631, y CVE-2017-8744. • http://www.securityfocus.com/bid/100734 http://www.securitytracker.com/id/1039315 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8632 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 33%CPEs: 10EXPL: 0CVE-2017-8631 – Microsoft Office Excel xlsb File Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8631
A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8744. Existe una vulnerabilidad de ejecución remota de código en Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3 y Office Online Server cuando no se gestionan correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8630, CVE-2017-8632, y CVE-2017-8744. • http://www.securityfocus.com/bid/100751 http://www.securitytracker.com/id/1039315 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8631 •
CVSS: 9.3EPSS: 9%CPEs: 17EXPL: 0CVE-2017-8509
https://notcve.org/view.php?id=CVE-2017-8509
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el software no maneja apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260 y CVE-2017-8506. • http://www.securityfocus.com/bid/98812 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8509 •