Page 4 of 157 results (0.005 seconds)

CVSS: 7.8EPSS: 1%CPEs: 14EXPL: 0

Microsoft Excel Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft Excel. Este ID de CVE es diferente de CVE-2021-1713 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1714 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1714 •

CVSS: 9.3EPSS: 1%CPEs: 15EXPL: 0

Microsoft Word Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft Word. Este ID de CVE es diferente de CVE-2021-1716 This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of DOC files. The issue results from the lack of proper validation of user-supplied data, which can result in a write past the end of an allocated buffer. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-1715 https://msrc.microsoft.com/update-guide/vulnerability/CVE-2021-1715 • CWE-787: Out-of-bounds Write •

CVSS: 9.3EPSS: 1%CPEs: 3EXPL: 0

Microsoft Excel Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft Excel. Este ID de CVE es diferente a CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129 • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17122 •

CVSS: 7.8EPSS: 1%CPEs: 18EXPL: 0

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-16929 https://www.zerodayinitiative.com/advisories/ZDI-20-1251 • CWE-416: Use After Free •

CVSS: 8.8EPSS: 2%CPEs: 13EXPL: 0

<p>A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1335 •