Page 2 of 25 results (0.013 seconds)

CVSS: 7.1EPSS: 1%CPEs: 5EXPL: 0

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel para Mac 2011 y Excel 2016 para Mac permiten a atacantes remotos obtener información sensible desde la memoria de proceso o provocar una denegación de servicio (lectura fuera de rango) a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/94769 http://www.securitytracker.com/id/1037441 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148 • CWE-125: Out-of-bounds Read •

CVSS: 9.3EPSS: 6%CPEs: 2EXPL: 0

Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel para Mac 2011 y Excel 2016 para Mac permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción de memoria) a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/94668 http://www.securitytracker.com/id/1037441 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 0%CPEs: 8EXPL: 0

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary commands via crafted embedded content in a document, aka "Microsoft Office Security Feature Bypass Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer y Excel 2016 para Mac no maneja adecuadamente una comprobación de registro, lo que permite a atacantes remotos asistidos por usuario ejecutar comandos arbitrarios a través de contenido embebido manipulado en un documento, vulnerabilidad también conocida como "Microsoft Office Security Feature Bypass Vulnerability". • http://www.securityfocus.com/bid/94662 http://www.securitytracker.com/id/1037441 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-148 • CWE-20: Improper Input Validation •

CVSS: 9.3EPSS: 14%CPEs: 9EXPL: 0

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 para Mac, Office Compatibility Pack SP3 y Excel Viewer permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/93995 http://www.securitytracker.com/id/1037246 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 50%CPEs: 13EXPL: 0

Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word for Mac 2011, Excel para Mac 2011, Word 2016 para Mac, Office Compatibility Pack SP3, Word Automation Services en SharePoint Server 2010 SP2, Word Automation Services en SharePoint Server 2013 SP1, Office Web Apps 2010 SP2 y Office Web Apps Server 2013 SP1 permiten a atacantes remotos ejecutar un código arbitrario a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/94020 http://www.securitytracker.com/id/1037246 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 https://www.verisign.com/en_US/security-services/security-intelligence/vulnerability-reports/articles/index.xhtml?id=1233 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •