CVSS: 9.3EPSS: 13%CPEs: 10EXPL: 0CVE-2018-1028
https://notcve.org/view.php?id=CVE-2018-1028
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server. Existe una vulnerabilidad de ejecución remota de código cuando el componente de gráficos de Office gestiona fuentes embebidas especialmente manipuladas. Esto también se conoce como "Microsoft Office Graphics Remote Code Execution Vulnerability". Esto afecta a Word, Microsoft Office, Microsoft SharePoint, Excel y Microsoft SharePoint Server. • http://www.securityfocus.com/bid/103641 http://www.securitytracker.com/id/1040654 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028 • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 9.3EPSS: 27%CPEs: 9EXPL: 0CVE-2018-1029
https://notcve.org/view.php?id=CVE-2018-1029
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel Viewer, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1011, CVE-2018-1027. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Excel cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/103617 http://www.securitytracker.com/id/1040652 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1029 •
CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0CVE-2018-0907
https://notcve.org/view.php?id=CVE-2018-0907
Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac allow a security feature bypass vulnerability due to how macro settings are enforced, aka "Microsoft Office Excel Security Feature Bypass". Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run y Microsoft Office 2016 para Mac permiten una vulnerabilidad de omisión de la característica de seguridad debido a la forma en la que se aplican las configuraciones de macros. Esto también se conoce como "Microsoft Office Excel Security Feature Bypass". • http://www.securityfocus.com/bid/103325 http://www.securitytracker.com/id/1040524 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0907 •
CVSS: 9.3EPSS: 20%CPEs: 8EXPL: 0CVE-2018-0796 – Microsoft Office Excel Formula Type Confusion Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-0796
Microsoft Excel in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability". Microsoft Excel en Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of formulas in XLS files. • http://www.securityfocus.com/bid/102372 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0796 •
CVSS: 5.5EPSS: 0%CPEs: 8EXPL: 0CVE-2017-11877
https://notcve.org/view.php?id=CVE-2017-11877
Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3, and Microsoft Excel 2016 for Mac allow a security feature bypass by not enforcing macro settings on an Excel document, aka "Microsoft Excel Security Feature Bypass Vulnerability". Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Viewer 2007 Service Pack 3 y Microsoft Excel 2016 para Mac permiten la omisión de una característica de seguridad debido a que no se impone la configuración de macros en un documento de Excel. Esto también se conoce como "Microsoft Excel Security Feature Bypass Vulnerability". • http://www.securityfocus.com/bid/101747 http://www.securitytracker.com/id/1039783 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-11877 •