CVSS: 9.3EPSS: 47%CPEs: 6EXPL: 2CVE-2016-3313 – Microsoft Word 2007/2010/2013/2016 - Out-of-Bounds Read Code Execution (MS16-099)
https://notcve.org/view.php?id=CVE-2016-3313
09 Aug 2016 — Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted file, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, 2013 RT SP1 y 2016, Word 2016 para Mac y Word Viewer permiten a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado, también conocida como "Microsoft Office Memory Corruption Vulnerability". Microsoft Office ... • https://packetstorm.news/files/id/138320 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 31%CPEs: 4EXPL: 0CVE-2016-3318 – Microsoft Office Word RTF JPEG Parsing Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2016-3318
09 Aug 2016 — Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allow remote attackers to execute arbitrary code via a crafted file, aka "Graphics Component Memory Corruption Vulnerability." Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2013 RT SP1 permiten a atacantes remotos ejecutar código arbitrario a través de un archivo manipulado, también conocida como "Graphics Component Memory Corruption Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on vulnerable installation... • http://www.securityfocus.com/bid/92308 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 28%CPEs: 15EXPL: 0CVE-2016-0025
https://notcve.org/view.php?id=CVE-2016-0025
16 Jun 2016 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability... • http://www.securitytracker.com/id/1036093 • CWE-20: Improper Input Validation •
CVSS: 9.3EPSS: 31%CPEs: 2EXPL: 0CVE-2016-0126
https://notcve.org/view.php?id=CVE-2016-0126
11 May 2016 — Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2013 SP1, 2013 RT SP1 y 2016 permite a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocido como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/89938 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0057
https://notcve.org/view.php?id=CVE-2016-0057
09 Mar 2016 — Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 does not properly sign an unspecified binary file, which allows local users to gain privileges via a Trojan horse file with a crafted signature, aka "Microsoft Office Security Feature Bypass Vulnerability." Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2016 no firma adecuadamente un archivo binario no especificado, lo que permite a usuarios locales obtener privilegios a través de un archivo Troyano con una firma manipulada, también conocido como "Mic... • http://www.securityfocus.com/bid/84030 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 59%CPEs: 12EXPL: 0CVE-2016-0010
https://notcve.org/view.php?id=CVE-2016-0010
13 Jan 2016 — Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel para Mac 2011, PowerPoint para Mac 201... • http://www.securitytracker.com/id/1034651 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.3EPSS: 13%CPEs: 25EXPL: 0CVE-2016-0012
https://notcve.org/view.php?id=CVE-2016-0012
13 Jan 2016 — Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ... • http://www.securitytracker.com/id/1034651 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 28%CPEs: 5EXPL: 0CVE-2015-6124
https://notcve.org/view.php?id=CVE-2015-6124
09 Dec 2015 — Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1 y Office Compatibility Pack SP3 permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocida como 'Microsof... • http://www.securitytracker.com/id/1034324 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 39%CPEs: 8EXPL: 0CVE-2015-6093 – Microsoft Office Word TTF Size Miscalculation Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-6093
10 Nov 2015 — Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services en SharePoint Server 2010 SP2 y ... • http://www.securityfocus.com/bid/77491 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 93%CPEs: 5EXPL: 1CVE-2015-2545 – Microsoft Office Malformed EPS File Vulnerability
https://notcve.org/view.php?id=CVE-2015-2545
09 Sep 2015 — Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability." Vulnerabilidad en Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2013 RT SP1, permite a atacantes remotos ejecutar código arbitrario a través de una imagen EPS manipulada, también conocida como 'Microsoft Office Malformed EPS File Vulnerability.' Microsoft Office allows remote attackers to execute arbitrary code vi... • http://blog.morphisec.com/exploit-bypass-emet-cve-2015-2545 • CWE-20: Improper Input Validation •