CVE-2022-24462 – Microsoft Word Security Feature Bypass Vulnerability
https://notcve.org/view.php?id=CVE-2022-24462
Microsoft Word Security Feature Bypass Vulnerability Una vulnerabilidad de Omisión de Funcionalidades de Seguridad de Microsoft Word • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24462 •
CVE-2022-24461 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24461
Microsoft Office Visio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-24509, CVE-2022-24510 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMR_COMMENT_EMFPLUS records in EMF images. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24461 •
CVE-2022-24509 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24509
Microsoft Office Visio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota en Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-24461, CVE-2022-24510 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMR_COMMENT_EMFPLUS records in EMF images. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24509 •
CVE-2022-24510 – Microsoft Office Visio Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2022-24510
Microsoft Office Visio Remote Code Execution Vulnerability Una vulnerabilidad de Ejecución de Código Remota de Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-24461, CVE-2022-24509 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Office Visio. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of EMR_COMMENT_EMFPLUS records in EMF images. The issue results from the lack of proper validation of user-supplied data, which can result in a type confusion condition. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-24510 •
CVE-2022-23252 – Microsoft Office Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2022-23252
Microsoft Office Information Disclosure Vulnerability Una Vulnerabilidad de Divulgación de Información de Microsoft Office • https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-23252 •