CVSS: 9.3EPSS: 70%CPEs: 8EXPL: 0CVE-2016-7228
https://notcve.org/view.php?id=CVE-2016-7228
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 para Mac y Office Compatibility Pack SP3 permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/93994 http://www.securitytracker.com/id/1037246 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 70%CPEs: 4EXPL: 0CVE-2016-7245
https://notcve.org/view.php?id=CVE-2016-7245
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1 y Office 2016 permiten a atacantes remotos ejecutar un código arbitrario a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/94026 http://www.securitytracker.com/id/1037246 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 70%CPEs: 4EXPL: 0CVE-2016-7231
https://notcve.org/view.php?id=CVE-2016-7231
Microsoft Excel 2007 SP3, Excel for Mac 2011, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Excel 2007 SP3, Excel para Mac 2011, Office Compatibility Pack SP3 y Excel Viewer permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/93996 http://www.securitytracker.com/id/1037246 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-133 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 73%CPEs: 10EXPL: 0CVE-2016-7193 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2016-7193
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word para Mac 2011, Word 2016 para Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services en SharePoint Server 2010 SP2, Word Automation Services en SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1 y Office Online Server permiten a atacantes remotos ejecutar un código arbitrario a través de un documento RTF manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". Microsoft Office contains a memory corruption vulnerability which can allow for remote code execution. • http://www.securityfocus.com/bid/93372 http://www.securitytracker.com/id/1036984 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-121 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 6.5EPSS: 0%CPEs: 5EXPL: 0CVE-2016-0141
https://notcve.org/view.php?id=CVE-2016-0141
The Visual Basic macros in Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2016 export a certificate-store private key during a document-save operation, which allows attackers to obtain sensitive information via unspecified vectors, aka "Microsoft Information Disclosure Vulnerability." Las macros de Visual Basic en Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1 y 2016 exportan una clave privada del certificado de almacenamiento durante una operación de guardado de documento, lo que permite a atacantes obtener información sensible a través de vectores no especificados, vulnerabilidad también conocida como "Microsoft Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/92903 http://www.securitytracker.com/id/1036785 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •