CVE-2021-34501 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-34501
Microsoft Excel Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Excel . Este ID de CVE es diferente de CVE-2021-34518 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of CONTINUEFRT12 records within XLS files. The issue results from the lack of proper validation of the length of user-supplied data prior to copying it to a heap-based buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34501 https://www.zerodayinitiative.com/advisories/ZDI-21-969 •
CVE-2021-34469 – Microsoft Office Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2021-34469
Microsoft Office Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de la Funcionalidad de Seguridad de Microsoft Office • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-34469 •
CVE-2021-31949 – Microsoft Outlook Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31949
Microsoft Outlook Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Outlook • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31949 •
CVE-2021-31941 – Microsoft Office Graphics Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31941
Microsoft Office Graphics Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Office Graphics. Este ID de CVE es diferente de CVE-2021-31940 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31941 https://www.zerodayinitiative.com/advisories/ZDI-21-669 •
CVE-2021-31939 – Microsoft Excel Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-31939
Microsoft Excel Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Excel This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-31939 https://www.zerodayinitiative.com/advisories/ZDI-21-670 •