CVSS: 9.3EPSS: 11%CPEs: 7EXPL: 0CVE-2017-11878 – Microsoft Office Excel Workbook Use-After-Free Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-11878
15 Nov 2017 — Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Compatibility Pack Service Pack 3, and Microsoft Excel Viewer 2007 Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Excel Memory Corruption Vulnerability". Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Ser... • http://www.securityfocus.com/bid/101756 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 26%CPEs: 10EXPL: 0CVE-2017-8631 – Microsoft Office Excel xlsb File Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2017-8631
13 Sep 2017 — A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Office Compatibility Pack Service Pack 3, Microsoft Excel Web App 2013 Service Pack 1, Microsoft Excel Viewer 2007 Service Pack 3, and Office Online Server when they fail to properly handle objects in memory, aka "Microsoft Office Me... • http://www.securityfocus.com/bid/100751 •
CVSS: 9.3EPSS: 27%CPEs: 11EXPL: 0CVE-2017-8742
https://notcve.org/view.php?id=CVE-2017-8742
13 Sep 2017 — A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle ob... • http://www.securityfocus.com/bid/100741 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 29%CPEs: 12EXPL: 0CVE-2017-8501
https://notcve.org/view.php?id=CVE-2017-8501
11 Jul 2017 — Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502. Microsoft Office permite una vulnerabilidad de ejecución remota de código debido a la forma en la que gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8502. • http://www.securityfocus.com/bid/99441 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.3EPSS: 7%CPEs: 17EXPL: 0CVE-2017-8509
https://notcve.org/view.php?id=CVE-2017-8509
15 Jun 2017 — A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. Se presenta una vulnerabilidad de ejecución de código remota en Microsoft Office cuando el software no maneja apropiadamente los objetos en la memoria, también se conoce como "Office Remote Code Execution Vulnerability". El ID de... • http://www.securityfocus.com/bid/98812 •
CVSS: 9.3EPSS: 28%CPEs: 14EXPL: 0CVE-2017-0254
https://notcve.org/view.php?id=CVE-2017-0254
12 May 2017 — Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Office for Mac 2011, Office for Mac 2016, Microsoft Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, Word 2013 RT SP1, Word 2013 SP1, Word Automation Services on Microsoft SharePoint Server 2013 SP1, Office Word Viewer, SharePoint Enterprise Server 2016, and Word 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vul... • http://www.securityfocus.com/bid/98101 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 38%CPEs: 3EXPL: 0CVE-2017-0194
https://notcve.org/view.php?id=CVE-2017-0194
12 Apr 2017 — Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2, and Office Compatibility Pack SP2 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Excel 2007 SP3, Microsoft Excel 2010 SP2 y Office Compatibility Pack SP2 permiten a atacantes remotos obtener información sensible de la memoria de proceso a través de un documento Office manipulado, vulnerabilidad también conocida como "Vulnerabili... • http://www.securityfocus.com/bid/97436 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 23%CPEs: 4EXPL: 0CVE-2017-0006
https://notcve.org/view.php?id=CVE-2017-0006
17 Mar 2017 — Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel V... • http://www.securityfocus.com/bid/96740 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 4.7EPSS: 29%CPEs: 6EXPL: 0CVE-2017-0027
https://notcve.org/view.php?id=CVE-2017-0027
17 Mar 2017 — Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to obtain sensitive information from process memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3 y Excel Services en SharePoint Server 2013 SP1 permiten a atacantes remotos obtener infor... • http://www.securityfocus.com/bid/96043 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 9.3EPSS: 21%CPEs: 6EXPL: 0CVE-2017-0030
https://notcve.org/view.php?id=CVE-2017-0030
17 Mar 2017 — Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. Micr... • http://www.securityfocus.com/bid/96051 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •