Page 41 of 551 results (0.006 seconds)

CVSS: 3.3EPSS: 2%CPEs: 22EXPL: 0

The Windows Graphics Device Interface (GDI) in Microsoft Windows Server 2008 SP2 and R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold and R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703, and Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office for Mac 2011 and 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; and Live Meeting 2007 Add-in and Console allows an authenticated attacker to retrieve information from a targeted system via a specially crafted application, aka "Windows GDI+ Information Disclosure Vulnerability." La interfaz Graphics Device Interface (GDI) de Windows en Microsoft Windows Server 2008 SP2 y R2 SP1; Windows 7 SP1; Windows 8.1; Windows Server 2012 Gold y R2; Windows RT 8.1; Windows 10 Gold, 1511, 1607, 1703 y Server 2016; Office 2007 SP3; Office 2010 SP2; Word Viewer; Office para Mac 2011 y 2016; Skype for Business 2016; Lync 2013 SP1; Lync 2010; Lync 2010 Attendee; y Live Meeting 2007 Add-in y Console permite que un atacante autenticado recupere información de un sistema objetivo mediante una aplicación especialmente manipulada. Esto también se conoce como "Windows GDI+ Information Disclosure Vulnerability." This vulnerability allows remote attackers to disclose sensitive information on vulnerable installations of Microsoft Windows. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the handling of bitmap image data in graphics files. • http://www.securityfocus.com/bid/100755 http://www.securitytracker.com/id/1039333 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8676 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 35%CPEs: 4EXPL: 0

A remote code execution vulnerability exists in Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, and Microsoft Excel 2016 when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8632, and CVE-2017-8731. Existe una vulnerabilidad de ejecución remota de código en Excel Services, Microsoft Excel 2007 Service Pack 3, Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1 y Microsoft Excel 2016 cuando no manejan correctamente los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability" El ID de este CVE es distinto a CVE-2017-8630, CVE-2017-8632 y CVE-2017-8731. This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. • http://www.securityfocus.com/bid/100748 http://www.securitytracker.com/id/1039315 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8744 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 23%CPEs: 12EXPL: 0

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8502. Microsoft Office permite una vulnerabilidad de ejecución remota de código debido a la forma en la que gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". El ID de este CVE es diferente de CVE-2017-8502. • http://www.securityfocus.com/bid/99441 http://www.securitytracker.com/id/1038851 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-8501 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 9.3EPSS: 97%CPEs: 5EXPL: 9

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0243. Microsoft Office permite una vulnerabilidad de ejecución remota de código debido a la forma en la que gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Office Remote Code Execution Vulnerability". El ID de este CVE es diferente de CVE-2017-0243. • https://www.exploit-db.com/exploits/44263 https://github.com/rxwx/CVE-2017-8570 https://github.com/Drac0nids/CVE-2017-8570 https://github.com/MaxSecurity/Office-CVE-2017-8570 https://github.com/SwordSheath/CVE-2017-8570 https://github.com/sasqwatch/CVE-2017-8570 https://github.com/erfze/CVE-2017-8570 http://www.securityfocus.com/bid/99445 https://github.com/ParsingTeam/ppsx-file-generator https://github.com/tezukanice/Office8570 https://portal.msrc.microsoft.com/en-us& •

CVSS: 9.3EPSS: 17%CPEs: 4EXPL: 0

Microsoft Office allows a remote code execution vulnerability due to the way that it handles objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8570. Microsoft Office permite una vulnerabilidad de ejecución de código remota debido a la manera en que se manejan los objetos en la memoria, también se conoce como "Microsoft Office Remote Code Execution Vulnerability". Este ID de CVE es diferente del CVE-2017-8570. • http://www.securityfocus.com/bid/99446 http://www.securitytracker.com/id/1038851 https://portal.msrc.microsoft.com/en-us/security-guidance/advisory/CVE-2017-0243 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •