CVE-2018-8427
https://notcve.org/view.php?id=CVE-2018-8427
An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer. Existe una vulnerabilidad de divulgación de información cuando el componente Windows Graphics de Microsoft gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Graphics Components Information Disclosure Vulnerability". Esto afecta a Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer y Microsoft Excel Viewer. • http://www.securityfocus.com/bid/105453 http://www.securitytracker.com/id/1041823 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8427 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2018-8432
https://notcve.org/view.php?id=CVE-2018-8432
A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008. Existe una vulnerabilidad de ejecución remota de código debido a la forma en la que Microsoft Graphics Components gestiona los objetos en la memoria. Esto también se conoce como "Microsoft Graphics Components Remote Code Execution Vulnerability". Esto afecta a Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10 y Windows Server 2008. • http://www.securityfocus.com/bid/105458 http://www.securitytracker.com/id/1041823 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432 •
CVE-2017-8742
https://notcve.org/view.php?id=CVE-2017-8742
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8743. Existe una vulnerabilidad de ejecución remota de código en Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2 y Microsoft Office Compatibility Pack Service Pack 3 cuando manejan incorrectamente objetos en la memoria. Esto también se conoce como "PowerPoint Remote Code Execution Vulnerability" El ID de este CVE es distinto a CVE-2017-8743. • http://www.securityfocus.com/bid/100741 http://www.securitytracker.com/id/1039323 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2017-8742 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-3360
https://notcve.org/view.php?id=CVE-2016-3360
Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 for Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, PowerPoint 2013 RT SP1, PowerPoint 2016 para Mac, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2 y Office Web Apps Server 2013 SP1 permiten a atacantes remotos ejecutar código arbitrario a través de un documento manipulado, vulnerabilidad también conocida como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/92796 http://www.securitytracker.com/id/1036785 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-107 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVE-2016-0010
https://notcve.org/view.php?id=CVE-2016-0010
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel para Mac 2011, PowerPoint para Mac 2011, Word para Mac 2011, Excel 2016 para Mac, PowerPoint 2016 para Mac, Word 2016 para Mac y Word Viewer permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocido como "Microsoft Office Memory Corruption Vulnerability". • http://www.securitytracker.com/id/1034651 https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-004 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •