17 results (0.004 seconds)

CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0

CVE-2021-27055 – Microsoft Visio Security Feature Bypass Vulnerability

https://notcve.org/view.php?id=CVE-2021-27055

11 Mar 2021 — Microsoft Visio Security Feature Bypass Vulnerability Una Vulnerabilidad de Omisión de la Característica de Seguridad de Microsoft Visio • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055 •

CVSS: 8.8EPSS: 37%CPEs: 33EXPL: 0

CVE-2020-0760

https://notcve.org/view.php?id=CVE-2020-0760

15 Apr 2020 — A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991. Hay una vulnerabilidad de ejecución de código remota cuando Microsoft Office carga inapropiadamente bibliotecas de tipos arbitrarios, también se conoce como "Microsoft Office Remote Code Execution Vulnerability". Este ID de CVE es diferente de CVE-2020-0991. • https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760 •

CVSS: 9.3EPSS: 85%CPEs: 6EXPL: 3

CVE-2016-3235 – Microsoft Office OLE DLL Side Loading Vulnerability

https://notcve.org/view.php?id=CVE-2016-3235

15 Jun 2016 — Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3, and Visio Viewer 2010 mishandle library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability." Microsoft Visio 2007 SP3, Visio 2010 SP2, Visio 2013 SP1, Visio 2016, Visio Viewer 2007 SP3 y Visio Viewer 2010 no maneja adecuadamente la carga de librerías, lo que permite a usuarios locales obtener privilegios a través de una aplicación ... • https://packetstorm.news/files/id/139671 •

CVSS: 4.3EPSS: 13%CPEs: 25EXPL: 0

CVE-2016-0012

https://notcve.org/view.php?id=CVE-2016-0012

13 Jan 2016 — Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013 SP1, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Office 2016, Excel 2016, PowerPoint 2016, Visio 2016, Word 2016, and Visual Basic 6.0 Runtime allow remote attackers to bypass the ASLR protection mechanism via unspecified vectors, aka ... • http://www.securitytracker.com/id/1034651 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 31%CPEs: 44EXPL: 0

CVE-2015-2503

https://notcve.org/view.php?id=CVE-2015-2503

11 Nov 2015 — Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visi... • http://www.securitytracker.com/id/1034117 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 9.3EPSS: 28%CPEs: 2EXPL: 0

CVE-2015-2557 – Microsoft Office Visio UML Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2015-2557

13 Oct 2015 — Buffer overflow in Microsoft Visio 2007 SP3 and 2010 SP2 allows remote attackers to execute arbitrary code via crafted UML data in an Office document, aka "Microsoft Office Memory Corruption Vulnerability." Desbordamiento de buffer en Microsoft Visio 2007 SP3 y 2010 SP2 permite a atacantes remotos ejecutar código arbitrario a través de datos UML manipulados en un documento Office, también conocido como 'Microsoft Office Memory Corruption Vulnerability'. This vulnerability allows remote attackers to execute ... • http://www.securitytracker.com/id/1033803 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •

CVSS: 7.8EPSS: 19%CPEs: 36EXPL: 0

CVE-2015-2423

https://notcve.org/view.php?id=CVE-2015-2423

15 Aug 2015 — Microsoft Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows 8.1, Windows Server 2012 Gold and R2, Windows RT Gold and 8.1, Windows 10, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Visio 2013 RT SP1, Word 2013 RT SP1, and Internet Explorer 7 through 11 al... • http://www.securitytracker.com/id/1033237 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 7.5EPSS: 26%CPEs: 3EXPL: 0

CVE-2013-1301

https://notcve.org/view.php?id=CVE-2013-1301

15 May 2013 — Microsoft Visio 2003 SP3 2007 SP3, and 2010 SP1 allows remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, aka "XML External Entities Resolution Vulnerability." Microsoft Visio 2003 SP3 2007 SP3, y 2010 SP1 permite a atacantes remotos leer ficheros de su elección mediante un documento XML conteniendo una declaración de entidad externa junto con una referencia de entidad, también conocido como "Vulnerabilidad de reslu... • http://www.us-cert.gov/ncas/alerts/TA13-134A • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •

CVSS: 9.3EPSS: 59%CPEs: 6EXPL: 0

CVE-2013-0079

https://notcve.org/view.php?id=CVE-2013-0079

13 Mar 2013 — Microsoft Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file that triggers incorrect memory allocation, aka "Visio Viewer Tree Object Type Confusion Vulnerability." Microsoft Visio Viewer 2010 SP1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo Visio especialmente manipulado, lo que provoca una reserva de memoria incorrecta. Aka Microsoft Visio Viewer 2010 • http://www.kb.cert.org/vuls/id/851777 •

CVSS: 9.3EPSS: 59%CPEs: 4EXPL: 0

CVE-2012-1888 – Microsoft Visio DWGDP MTEXT Remote Code Execution Vulnerability

https://notcve.org/view.php?id=CVE-2012-1888

15 Aug 2012 — Buffer overflow in Microsoft Visio 2010 SP1 and Visio Viewer 2010 SP1 allows remote attackers to execute arbitrary code via a crafted Visio file, aka "Visio DXF File Format Buffer Overflow Vulnerability." Desbordamiento de búfer en Microsoft Visio 2010 Service Pack 1 y Visio Viewer 2010 Service Pack 1 permite a atacantes remotos ejecutar código arbitrario a través de un archivo de Visio especialmente diseñado, también conocido como "desbordamiento de búfer Visio DXF File Format". This vulnerability allows r... • http://www.us-cert.gov/cas/techalerts/TA12-227A.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •