27 results (0.011 seconds)

CVSS: 7.8EPSS: 0%CPEs: 6EXPL: 0

Microsoft PowerPoint Remote Code Execution Vulnerability Una Vulnerabilidad de Ejecución de Código Remota de Microsoft PowerPoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PowerPoint presentation files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27056 https://www.zerodayinitiative.com/advisories/ZDI-21-333 •

CVSS: 9.3EPSS: 1%CPEs: 6EXPL: 0

Microsoft PowerPoint Remote Code Execution Vulnerability Vulnerabilidad de ejecución de código remota en Microsoft PowerPoint This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PowerPoint presentation files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-17124 •

CVSS: 8.8EPSS: 4%CPEs: 33EXPL: 0

A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. Hay una vulnerabilidad de ejecución de código remota cuando Microsoft Office carga inapropiadamente bibliotecas de tipos arbitrarios, también se conoce como "Microsoft Office Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2020-0991. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760 •

CVSS: 9.3EPSS: 2%CPEs: 7EXPL: 0

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka 'Microsoft PowerPoint Remote Code Execution Vulnerability'. Hay una vulnerabilidad de ejecución de código remota en el software Microsoft PowerPoint cuando el software no puede manejar apropiadamente los objetos en memoria, también se conoce como "Microsoft PowerPoint Remote Code Execution Vulnerability". This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft PowerPoint. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of PowerPoint presentation files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1462 https://www.zerodayinitiative.com/advisories/ZDI-19-1006 • CWE-908: Use of Uninitialized Resource •

CVSS: 5.5EPSS: 26%CPEs: 9EXPL: 0

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'. Existe una vulnerabilidad de omisión de la característica de seguridad cuando Microsoft Office no valida las URL. Un atacante podría enviar un archivo especialmente manipulado a una víctima, lo que podría engañarlo para que introduzca sus credenciales. Esto también se conoce como "Microsoft Office Security Feature Bypass Vulnerability". • http://www.securityfocus.com/bid/106863 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0540 • CWE-601: URL Redirection to Untrusted Site ('Open Redirect') •