CVSS: 9.3EPSS: 81%CPEs: 6EXPL: 0CVE-2015-2377 – Microsoft Office Excel Chart Object Use-After-Free Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2015-2377
14 Jul 2015 — Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, y Office Compatibility Pack SP3 permiten a atacantes remotos ejecutar código arbitrario o provocar una denegación de servicio (corrupción d... • http://www.securitytracker.com/id/1032899 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 92%CPEs: 24EXPL: 0CVE-2015-1682 – Microsoft Word ptCount Element Uninitialized Memory Read Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-1682
12 May 2015 — Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2013 RT SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office for Mac 2011, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, PowerPoint Viewer, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Excel Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, Excel Web App 2010 SP2, O... • http://www.securityfocus.com/bid/74481 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 92%CPEs: 29EXPL: 0CVE-2015-0085 – Microsoft Word Format Tag Transposition Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2015-0085
11 Mar 2015 — Use-after-free vulnerability in Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold and SP1, Word 2013 Gold and SP1, Office 2013 RT Gold and SP1, Word 2013 RT Gold and SP1, Excel Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 Gold and SP1, Word Automation Services on SharePoint Server 2013 Gold and SP1, Web A... • http://www.securitytracker.com/id/1031896 •
CVSS: 9.3EPSS: 75%CPEs: 7EXPL: 2CVE-2015-0097 – Microsoft Word - Local Machine Zone Code Execution (MS15-022)
https://notcve.org/view.php?id=CVE-2015-0097
11 Mar 2015 — Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, and Word 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Word Local Zone Remote Code Execution Vulnerability." Microsoft Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Excel 2010 SP2, PowerPoint 2010 SP2, y Word 2010 SP2 permiten a atacantes remotos ejecutar código arbitrario a través de un documento de Office manipulado, también conocido como 'vulne... • https://packetstorm.news/files/id/132761 • CWE-19: Data Processing Errors •
CVSS: 9.3EPSS: 36%CPEs: 9EXPL: 0CVE-2015-0063
https://notcve.org/view.php?id=CVE-2015-0063
11 Feb 2015 — Microsoft Excel 2007 SP3; the proofing tools in Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, and RT; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Excel Remote Code Execution Vulnerability." Microsoft Excel 2007 SP3; las herramientas de pruebas en Office 2010 SP2; Excel 2010 SP2; Excel 2013 Gold, SP1, y RT; Excel Viewer; y Office Compatibility Pack SP3 permiten a ... • http://secunia.com/advisories/62808 • CWE-399: Resource Management Errors •
CVSS: 9.3EPSS: 22%CPEs: 4EXPL: 0CVE-2014-6360
https://notcve.org/view.php?id=CVE-2014-6360
11 Dec 2014 — Microsoft Excel 2007 SP3, Excel 2010 SP2, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Global Free Remote Code Execution in Excel Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, y Office Compatibility Pack permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocido como 'vulnerabilidad de la ejecución de código remoto de liberación global en Excel.' • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-083 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 22%CPEs: 6EXPL: 0CVE-2014-6361
https://notcve.org/view.php?id=CVE-2014-6361
11 Dec 2014 — Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold and SP1, Excel 2013 RT Gold and SP1, and Office Compatibility Pack allow remote attackers to execute arbitrary code via a crafted Office document, aka "Excel Invalid Pointer Remote Code Execution Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 Gold y SP1, Excel 2013 RT Gold y SP1, y Office Compatibility Pack permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocido como '... • https://docs.microsoft.com/en-us/security-updates/securitybulletins/2014/ms14-083 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 97%CPEs: 13EXPL: 5CVE-2013-3906 – Microsoft Graphics Component Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2013-3906
06 Nov 2013 — GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013. El componente GDI + de Microsoft Windows Vista SP2 y Server 2008 SP2, Office 2003 SP3, 2007 SP3 y 2010 SP1 y SP2, Office Compatibility Pack SP3 ... • https://packetstorm.news/files/id/124203 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 84%CPEs: 3EXPL: 0CVE-2013-3890
https://notcve.org/view.php?id=CVE-2013-3890
09 Oct 2013 — Microsoft Excel 2007 SP3, Excel Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel Viewer, y Office Compatibility Pack SP3 permite a atacantes remotos ejecutar código arbitrario a través de un documento Office diseñado, también conocida como "Vulnerabilidad de Corrupción de Memoria en Microsoft Excel". • http://www.us-cert.gov/ncas/alerts/TA13-288A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 90%CPEs: 18EXPL: 0CVE-2013-3889
https://notcve.org/view.php?id=CVE-2013-3889
09 Oct 2013 — Microsoft Excel 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; Office Compatibility Pack SP3; and Excel Services and Word Automation Services in SharePoint Server 2013 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Excel Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office 2007 SP3, 2010 SP1 y SP2, 2013, y 2013 RT; Office para... • http://www.us-cert.gov/ncas/alerts/TA13-288A • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •