Vulnerabilites related to microsoft - excel_rt
Vulnerability from fkie_nvd
Published
2018-04-12 01:29
Modified
2024-11-21 03:58
Severity ?
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.
References
▼ | URL | Tags | |
---|---|---|---|
secure@microsoft.com | http://www.securityfocus.com/bid/103611 | Third Party Advisory, VDB Entry | |
secure@microsoft.com | http://www.securitytracker.com/id/1040652 | Third Party Advisory, VDB Entry | |
secure@microsoft.com | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011 | Patch, Vendor Advisory | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/103611 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | http://www.securitytracker.com/id/1040652 | Third Party Advisory, VDB Entry | |
af854a3a-2127-422b-91ae-364da2661108 | https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011 | Patch, Vendor Advisory |
Impacted products
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "E36D981E-E56D-46C7-9486-FC691A75C497", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "F564117D-450D-45C4-9688-AF35F630A8A7", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "27745C7E-94A0-4C2A-8318-684CB85F48D2", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.", }, { lang: "es", value: "Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Excel cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como \"Microsoft Excel Remote Code Execution Vulnerability\". Esto afecta a Microsoft Excel. El ID de este CVE es diferente de CVE-2018-0920, CVE-2018-1027 y CVE-2018-1029.", }, ], id: "CVE-2018-1011", lastModified: "2024-11-21T03:58:59.530", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2018-04-12T01:29:09.487", references: [ { source: "secure@microsoft.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103611", }, { source: "secure@microsoft.com", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040652", }, { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/103611", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1040652", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2021-12-15 15:15
Modified
2024-11-21 06:28
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | 365_apps | - | |
microsoft | 365_apps | - | |
microsoft | excel | 2013 | |
microsoft | excel | 2013 | |
microsoft | excel | 2016 | |
microsoft | excel | 2016 | |
microsoft | excel_rt | 2013 | |
microsoft | office | 2019 | |
microsoft | office | 2019 | |
microsoft | office | 2021 | |
microsoft | office | 2021 | |
microsoft | office_online_server | - | |
microsoft | office_web_apps | 2013 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*", matchCriteriaId: "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*", matchCriteriaId: "CD25F492-9272-4836-832C-8439EBE64CCF", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*", matchCriteriaId: "48B20360-1A85-4A6A-BA03-0B62C97CCB0C", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", matchCriteriaId: "E8426C4D-C00D-44C2-B072-9D600C8B9543", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*", matchCriteriaId: "CD88F667-6773-4DB7-B6C3-9C7B769C0808", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*", matchCriteriaId: "B342EF98-B414-44D0-BAFB-FCA24294EECE", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "27745C7E-94A0-4C2A-8318-684CB85F48D2", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*", matchCriteriaId: "CF5DDD09-902E-4881-98D0-CB896333B4AA", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*", matchCriteriaId: "26A3B226-5D7C-4556-9350-5222DC8EFC2C", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*", matchCriteriaId: "1AC0C23F-FC55-4DA1-8527-EB4432038FB0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*", matchCriteriaId: "A719B461-7869-46D0-9300-D0A348DC26A5", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*", matchCriteriaId: "E98AE986-FA31-4301-8025-E8915BA4AC5E", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "B3C3FC9A-D8E5-493A-A575-C831A9A28815", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Microsoft Excel Remote Code Execution Vulnerability", }, { lang: "es", value: "Una vulnerabilidad de Ejecución de Código Remota en Microsoft Excel", }, ], id: "CVE-2021-43256", lastModified: "2024-11-21T06:28:56.303", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "secure@microsoft.com", type: "Secondary", }, { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2021-12-15T15:15:10.730", references: [ { source: "secure@microsoft.com", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Patch", "Vendor Advisory", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:49
Severity ?
Summary
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | excel | 2010 | |
microsoft | excel | 2013 | |
microsoft | excel | 2016 | |
microsoft | excel_rt | 2013 | |
microsoft | office | 2010 | |
microsoft | office_web_apps | 2010 | |
microsoft | powerpoint | 2010 | |
microsoft | powerpoint | 2013 | |
microsoft | powerpoint_rt | 2013 | |
microsoft | sharepoint_server | 2010 | |
microsoft | word | 2010 | |
microsoft | word | 2013 | |
microsoft | word | 2016 | |
microsoft | word_rt | 2013 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "E36D981E-E56D-46C7-9486-FC691A75C497", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "F564117D-450D-45C4-9688-AF35F630A8A7", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*", matchCriteriaId: "09BF0981-749E-470B-A7AC-95AD087797EF", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "27745C7E-94A0-4C2A-8318-684CB85F48D2", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "081DE1E3-4622-4C32-8B9C-9AEC1CD20638", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "A8235774-4B57-4793-BE26-2CDE67532EDD", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "9CCB2D72-B779-4772-8F72-7177E3F47A92", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "BA6E71BA-0EBA-40EE-8B81-92C6DECE8DB3", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:powerpoint_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "2FA6DEE3-84A5-42DC-9C52-21A3986376C9", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "9A57C675-05A9-4BC2-AE95-7CA5CA6B1F73", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "24EEDAD9-9656-4B21-82E4-D60B83777492", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "32E1400A-836A-4E48-B2CD-2B0A9A8241BA", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*", matchCriteriaId: "4DA042D4-B14E-4DDF-8423-DFB255679EFE", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:word_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "558B8B5E-125A-4370-A6E9-3CB75808D7B3", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka \"Microsoft Office Remote Code Execution Vulnerability.\"", }, { lang: "es", value: "Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services en SharePoint Server 2010 SP2 y Office Web Apps 2010 SP2 permiten a atacantes remotos ejecutar código arbitrario a través de un archivo XLA manipulado, también conocida como \"Microsoft Office Remote Code Execution Vulnerability\".", }, ], id: "CVE-2016-3279", lastModified: "2024-11-21T02:49:43.290", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 4.3, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "NONE", baseScore: 5.5, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 3.6, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-13T01:59:33.610", references: [ { source: "secure@microsoft.com", url: "http://www.securityfocus.com/bid/91587", }, { source: "secure@microsoft.com", url: "http://www.securitytracker.com/id/1036274", }, { source: "secure@microsoft.com", url: "http://www.securitytracker.com/id/1036275", }, { source: "secure@microsoft.com", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91587", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036275", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-254", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2022-04-15 19:15
Modified
2024-11-21 06:54
Severity ?
Summary
Microsoft Excel Remote Code Execution Vulnerability
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | 365_apps | - | |
microsoft | excel | 2013 | |
microsoft | excel | 2016 | |
microsoft | excel_rt | 2013 | |
microsoft | office | 2013 | |
microsoft | office | 2013_rt | |
microsoft | office | 2016 | |
microsoft | office | 2019 | |
microsoft | office | 2021 | |
microsoft | office | 2021 | |
microsoft | office_online_server | - | |
microsoft | office_web_apps_server | 2013 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*", matchCriteriaId: "40C15EDD-98D4-4D06-BA06-21AE0F33C72D", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:-:*:*:*", matchCriteriaId: "BF89FEC4-936E-4226-94F9-2BD0CB0CA09F", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*", matchCriteriaId: "09BF0981-749E-470B-A7AC-95AD087797EF", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "27745C7E-94A0-4C2A-8318-684CB85F48D2", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "120690A6-E0A1-4E36-A35A-C87109ECC064", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2013_rt:sp1:*:*:*:*:*:*", matchCriteriaId: "30C744C1-EACB-4D91-A72B-468842308AA3", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*", matchCriteriaId: "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:*", matchCriteriaId: "40961B9E-80B6-42E0-A876-58B3CE056E4E", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*", matchCriteriaId: "25D63F31-2978-4C24-B7CA-6A0398012700", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:macos:*:*", matchCriteriaId: "0DF36AFA-B48C-4423-AD1C-78EEFF85EF2C", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_online_server:-:*:*:*:*:*:*:*", matchCriteriaId: "E98AE986-FA31-4301-8025-E8915BA4AC5E", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "941B16A2-931D-4031-A016-5EA60E87BE20", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Microsoft Excel Remote Code Execution Vulnerability", }, { lang: "es", value: "Una vulnerabilidad de Ejecución de Código Remota en Microsoft Excel. Este ID de CVE es diferente de CVE-2022-24473", }, ], id: "CVE-2022-26901", lastModified: "2024-11-21T06:54:45.673", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "PARTIAL", baseScore: 6.8, confidentialityImpact: "PARTIAL", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:M/Au:N/C:P/I:P/A:P", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 6.4, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV31: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.1", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "secure@microsoft.com", type: "Secondary", }, ], }, published: "2022-04-15T19:15:14.930", references: [ { source: "secure@microsoft.com", url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "NVD-CWE-noinfo", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Vulnerability from fkie_nvd
Published
2016-07-13 01:59
Modified
2024-11-21 02:49
Severity ?
Summary
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
References
Impacted products
Vendor | Product | Version | |
---|---|---|---|
microsoft | excel | 2007 | |
microsoft | excel | 2010 | |
microsoft | excel | 2013 | |
microsoft | excel | 2016 | |
microsoft | excel_for_mac | 2011 | |
microsoft | excel_for_mac | 2016 | |
microsoft | excel_rt | 2013 | |
microsoft | excel_viewer | * | |
microsoft | office_compatibility_pack | * |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:excel:2007:sp3:*:*:*:*:*:*", matchCriteriaId: "94F5E2F8-0D37-4FCC-B55A-9F09C421272C", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*", matchCriteriaId: "E36D981E-E56D-46C7-9486-FC691A75C497", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "F564117D-450D-45C4-9688-AF35F630A8A7", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*", matchCriteriaId: "09BF0981-749E-470B-A7AC-95AD087797EF", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_for_mac:2011:*:*:*:*:*:*:*", matchCriteriaId: "0FF929F6-6551-4358-AFBE-3495E8DC7BFA", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_for_mac:2016:*:*:*:*:*:*:*", matchCriteriaId: "0C6BEA4C-18FE-48D1-86AB-670833528150", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_rt:2013:sp1:*:*:*:*:*:*", matchCriteriaId: "27745C7E-94A0-4C2A-8318-684CB85F48D2", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel_viewer:*:*:*:*:*:*:*:*", matchCriteriaId: "971EC323-267F-4DAF-BA3B-10A47A9F1ADA", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:*", matchCriteriaId: "44BC7B7B-7191-431C-8CAE-83B3F0EFF03E", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", }, { lang: "es", value: "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel para Mac 2011, Excel 2016 para Mac, Office Compatibility Pack SP3 y Excel Viewer permiten a atacantes remotos ejecutar código arbitrario a través de un documento Office manipulado, también conocida como \"Microsoft Office Memory Corruption Vulnerability\".", }, ], id: "CVE-2016-3284", lastModified: "2024-11-21T02:49:43.830", metrics: { cvssMetricV2: [ { acInsufInfo: false, baseSeverity: "HIGH", cvssData: { accessComplexity: "MEDIUM", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "COMPLETE", baseScore: 9.3, confidentialityImpact: "COMPLETE", integrityImpact: "COMPLETE", vectorString: "AV:N/AC:M/Au:N/C:C/I:C/A:C", version: "2.0", }, exploitabilityScore: 8.6, impactScore: 10, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: true, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "LOCAL", availabilityImpact: "HIGH", baseScore: 7.8, baseSeverity: "HIGH", confidentialityImpact: "HIGH", integrityImpact: "HIGH", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "REQUIRED", vectorString: "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", version: "3.0", }, exploitabilityScore: 1.8, impactScore: 5.9, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2016-07-13T01:59:38.767", references: [ { source: "secure@microsoft.com", url: "http://www.securityfocus.com/bid/91594", }, { source: "secure@microsoft.com", url: "http://www.securitytracker.com/id/1036274", }, { source: "secure@microsoft.com", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securityfocus.com/bid/91594", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.securitytracker.com/id/1036274", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, ], sourceIdentifier: "secure@microsoft.com", vulnStatus: "Modified", weaknesses: [ { description: [ { lang: "en", value: "CWE-119", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
cve-2022-26901
Vulnerability from cvelistv5
Published
2022-04-15 19:05
Modified
2025-01-02 18:51
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901 | vendor-advisory |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Microsoft Office 2019 for Mac |
Version: 16.0.0 < 16.60.22041000 |
||||||||||||||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-03T05:18:38.113Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "Microsoft Excel Remote Code Execution Vulnerability", tags: [ "vendor-advisory", "x_transferred", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { platforms: [ "Unknown", ], product: "Microsoft Office 2019 for Mac", vendor: "Microsoft", versions: [ { lessThan: "16.60.22041000", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Office Online Server", vendor: "Microsoft", versions: [ { lessThan: "16.0.10385.20001", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft 365 Apps for Enterprise", vendor: "Microsoft", versions: [ { lessThan: "https://aka.ms/OfficeSecurityReleases", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Office LTSC for Mac 2021", vendor: "Microsoft", versions: [ { lessThan: "16.60.22041000", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { platforms: [ "x64-based Systems", "32-bit Systems", ], product: "Microsoft Office LTSC 2021", vendor: "Microsoft", versions: [ { lessThan: "https://aka.ms/OfficeSecurityReleases", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft Excel 2016", vendor: "Microsoft", versions: [ { lessThan: "16.0.5305.1000", status: "affected", version: "16.0.0.0", versionType: "custom", }, ], }, { platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft Office 2016", vendor: "Microsoft", versions: [ { lessThan: "16.0.5305.1000", status: "affected", version: "16.0.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems", ], product: "Microsoft Excel 2013 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "15.0.5441.1000", status: "affected", version: "15.0.0.0", versionType: "custom", }, ], }, { platforms: [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems", ], product: "Microsoft Office 2013 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "15.0.5441.1000", status: "affected", version: "15.0.0", versionType: "custom", }, ], }, { platforms: [ "Unknown", ], product: "Microsoft Office Web Apps Server 2013 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "15.0.5441.1000", status: "affected", version: "15.0.1", versionType: "custom", }, ], }, ], cpeApplicability: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:microsoft:office:*:*:*:*:*:macos:*:*", versionEndExcluding: "16.60.22041000", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_online_server:*:*:*:*:*:*:*:*", versionEndExcluding: "16.0.10385.20001", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*", versionEndExcluding: "https://aka.ms/OfficeSecurityReleases", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:macos:*:*", versionEndExcluding: "16.60.22041000", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*", versionEndExcluding: "https://aka.ms/OfficeSecurityReleases", versionStartIncluding: "16.0.1", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:x86:*", versionEndExcluding: "16.0.5305.1000", versionStartIncluding: "16.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:x86:*", versionEndExcluding: "16.0.5305.1000", versionStartIncluding: "16.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:excel:*:sp1:*:*:rt:*:*:*", versionEndExcluding: "15.0.5441.1000", versionStartIncluding: "15.0.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office:*:sp1:*:*:rt:*:*:*", versionEndExcluding: "15.0.5441.1000", versionStartIncluding: "15.0.0", vulnerable: true, }, { criteria: "cpe:2.3:a:microsoft:office_web_apps_server:*:sp1:*:*:*:*:*:*", versionEndExcluding: "15.0.5441.1000", versionStartIncluding: "15.0.1", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], datePublic: "2022-04-12T07:00:00+00:00", descriptions: [ { lang: "en-US", value: "Microsoft Excel Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2025-01-02T18:51:39.168Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "Microsoft Excel Remote Code Execution Vulnerability", tags: [ "vendor-advisory", ], url: "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-26901", }, ], title: "Microsoft Excel Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2022-26901", datePublished: "2022-04-15T19:05:39", dateReserved: "2022-03-11T00:00:00", dateUpdated: "2025-01-02T18:51:39.168Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2021-43256
Vulnerability from cvelistv5
Published
2021-12-15 14:15
Modified
2024-08-04 03:55
Severity ?
EPSS score ?
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256 | x_refsource_MISC |
Impacted products
Vendor | Product | Version | |||||||||||||||||||||||||
---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
▼ | Microsoft | Office Online Server |
Version: https://aka.ms/OfficeSecurityReleases < 16.0.10381.20001 cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:* |
||||||||||||||||||||||||
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-04T03:55:28.380Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_MISC", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { cpes: [ "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*", ], platforms: [ "Unknown", ], product: "Office Online Server", vendor: "Microsoft", versions: [ { lessThan: "16.0.10381.20001", status: "affected", version: "https://aka.ms/OfficeSecurityReleases", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*", ], platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft Office 2019", vendor: "Microsoft", versions: [ { lessThan: "https://aka.ms/OfficeSecurityReleases", status: "affected", version: "19.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*", ], platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft 365 Apps for Enterprise", vendor: "Microsoft", versions: [ { lessThan: "https://aka.ms/OfficeSecurityReleases", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*", ], platforms: [ "x64-based Systems", "32-bit Systems", ], product: "Microsoft Office LTSC 2021", vendor: "Microsoft", versions: [ { lessThan: "https://aka.ms/OfficeSecurityReleases", status: "affected", version: "16.0.1", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:x64:*", ], platforms: [ "32-bit Systems", "x64-based Systems", ], product: "Microsoft Excel 2016", vendor: "Microsoft", versions: [ { lessThan: "16.0.5254.1000", status: "affected", version: "16.0.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x86:*", "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:*:*:x64:*", ], platforms: [ "ARM64-based Systems", "32-bit Systems", "x64-based Systems", ], product: "Microsoft Excel 2013 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "15.0.5407.1000", status: "affected", version: "15.0.0.0", versionType: "custom", }, ], }, { cpes: [ "cpe:2.3:a:microsoft:office_web_apps_server:2013:sp1:*:*:*:*:*:*", ], platforms: [ "Unknown", ], product: "Microsoft Office Web Apps Server 2013 Service Pack 1", vendor: "Microsoft", versions: [ { lessThan: "15.0.5407.1000", status: "affected", version: "15.0.1", versionType: "custom", }, ], }, ], datePublic: "2021-12-14T08:00:00+00:00", descriptions: [ { lang: "en-US", value: "Microsoft Excel Remote Code Execution Vulnerability", }, ], metrics: [ { cvssV3_1: { baseScore: 7.8, baseSeverity: "HIGH", vectorString: "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C", version: "3.1", }, format: "CVSS", scenarios: [ { lang: "en-US", value: "GENERAL", }, ], }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en-US", type: "Impact", }, ], }, ], providerMetadata: { dateUpdated: "2024-05-29T14:44:32.438Z", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_MISC", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-43256", }, ], title: "Microsoft Excel Remote Code Execution Vulnerability", }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2021-43256", datePublished: "2021-12-15T14:15:29", dateReserved: "2021-11-02T00:00:00", dateUpdated: "2024-08-04T03:55:28.380Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3284
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036274 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/91594 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:59.180Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1036274", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036274", }, { name: "MS16-088", tags: [ "vendor-advisory", "x_refsource_MS", "x_transferred", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91594", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91594", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-12T00:00:00", descriptions: [ { lang: "en", value: "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-12T19:57:01", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "1036274", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036274", }, { name: "MS16-088", tags: [ "vendor-advisory", "x_refsource_MS", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91594", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91594", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2016-3284", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka \"Microsoft Office Memory Corruption Vulnerability.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1036274", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036274", }, { name: "MS16-088", refsource: "MS", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91594", refsource: "BID", url: "http://www.securityfocus.com/bid/91594", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2016-3284", datePublished: "2016-07-13T01:00:00", dateReserved: "2016-03-15T00:00:00", dateUpdated: "2024-08-05T23:47:59.180Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2016-3279
Vulnerability from cvelistv5
Published
2016-07-13 01:00
Modified
2024-08-05 23:47
Severity ?
EPSS score ?
Summary
Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka "Microsoft Office Remote Code Execution Vulnerability."
References
▼ | URL | Tags |
---|---|---|
http://www.securitytracker.com/id/1036274 | vdb-entry, x_refsource_SECTRACK | |
http://www.securitytracker.com/id/1036275 | vdb-entry, x_refsource_SECTRACK | |
https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088 | vendor-advisory, x_refsource_MS | |
http://www.securityfocus.com/bid/91587 | vdb-entry, x_refsource_BID |
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T23:47:59.157Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { name: "1036274", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036274", }, { name: "1036275", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1036275", }, { name: "MS16-088", tags: [ "vendor-advisory", "x_refsource_MS", "x_transferred", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91587", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/91587", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "n/a", vendor: "n/a", versions: [ { status: "affected", version: "n/a", }, ], }, ], datePublic: "2016-07-12T00:00:00", descriptions: [ { lang: "en", value: "Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka \"Microsoft Office Remote Code Execution Vulnerability.\"", }, ], problemTypes: [ { descriptions: [ { description: "n/a", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-10-12T19:57:01", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { name: "1036274", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036274", }, { name: "1036275", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1036275", }, { name: "MS16-088", tags: [ "vendor-advisory", "x_refsource_MS", ], url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91587", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/91587", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2016-3279", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "n/a", version: { version_data: [ { version_value: "n/a", }, ], }, }, ], }, vendor_name: "n/a", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "Microsoft Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted XLA file, aka \"Microsoft Office Remote Code Execution Vulnerability.\"", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "n/a", }, ], }, ], }, references: { reference_data: [ { name: "1036274", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036274", }, { name: "1036275", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1036275", }, { name: "MS16-088", refsource: "MS", url: "https://docs.microsoft.com/en-us/security-updates/securitybulletins/2016/ms16-088", }, { name: "91587", refsource: "BID", url: "http://www.securityfocus.com/bid/91587", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2016-3279", datePublished: "2016-07-13T01:00:00", dateReserved: "2016-03-15T00:00:00", dateUpdated: "2024-08-05T23:47:59.157Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }
cve-2018-1011
Vulnerability from cvelistv5
Published
2018-04-12 01:00
Modified
2024-08-05 03:44
Severity ?
EPSS score ?
Summary
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.
References
▼ | URL | Tags |
---|---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011 | x_refsource_CONFIRM | |
http://www.securityfocus.com/bid/103611 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1040652 | vdb-entry, x_refsource_SECTRACK |
Impacted products
Vendor | Product | Version | |
---|---|---|---|
▼ | Microsoft | Microsoft Excel |
Version: 2010 Service Pack 2 (32-bit editions) Version: 2010 Service Pack 2 (64-bit editions) Version: 2013 RT Service Pack 1 Version: 2013 Service Pack 1 (32-bit editions) Version: 2013 Service Pack 1 (64-bit editions) |
|
{ containers: { adp: [ { providerMetadata: { dateUpdated: "2024-08-05T03:44:11.822Z", orgId: "af854a3a-2127-422b-91ae-364da2661108", shortName: "CVE", }, references: [ { tags: [ "x_refsource_CONFIRM", "x_transferred", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", }, { name: "103611", tags: [ "vdb-entry", "x_refsource_BID", "x_transferred", ], url: "http://www.securityfocus.com/bid/103611", }, { name: "1040652", tags: [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred", ], url: "http://www.securitytracker.com/id/1040652", }, ], title: "CVE Program Container", }, ], cna: { affected: [ { product: "Microsoft Excel", vendor: "Microsoft", versions: [ { status: "affected", version: "2010 Service Pack 2 (32-bit editions)", }, { status: "affected", version: "2010 Service Pack 2 (64-bit editions)", }, { status: "affected", version: "2013 RT Service Pack 1", }, { status: "affected", version: "2013 Service Pack 1 (32-bit editions)", }, { status: "affected", version: "2013 Service Pack 1 (64-bit editions)", }, ], }, ], datePublic: "2018-04-11T00:00:00", descriptions: [ { lang: "en", value: "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.", }, ], problemTypes: [ { descriptions: [ { description: "Remote Code Execution", lang: "en", type: "text", }, ], }, ], providerMetadata: { dateUpdated: "2018-04-12T09:57:02", orgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", shortName: "microsoft", }, references: [ { tags: [ "x_refsource_CONFIRM", ], url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", }, { name: "103611", tags: [ "vdb-entry", "x_refsource_BID", ], url: "http://www.securityfocus.com/bid/103611", }, { name: "1040652", tags: [ "vdb-entry", "x_refsource_SECTRACK", ], url: "http://www.securitytracker.com/id/1040652", }, ], x_legacyV4Record: { CVE_data_meta: { ASSIGNER: "secure@microsoft.com", ID: "CVE-2018-1011", STATE: "PUBLIC", }, affects: { vendor: { vendor_data: [ { product: { product_data: [ { product_name: "Microsoft Excel", version: { version_data: [ { version_value: "2010 Service Pack 2 (32-bit editions)", }, { version_value: "2010 Service Pack 2 (64-bit editions)", }, { version_value: "2013 RT Service Pack 1", }, { version_value: "2013 Service Pack 1 (32-bit editions)", }, { version_value: "2013 Service Pack 1 (64-bit editions)", }, ], }, }, ], }, vendor_name: "Microsoft", }, ], }, }, data_format: "MITRE", data_type: "CVE", data_version: "4.0", description: { description_data: [ { lang: "eng", value: "A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka \"Microsoft Excel Remote Code Execution Vulnerability.\" This affects Microsoft Excel. This CVE ID is unique from CVE-2018-0920, CVE-2018-1027, CVE-2018-1029.", }, ], }, problemtype: { problemtype_data: [ { description: [ { lang: "eng", value: "Remote Code Execution", }, ], }, ], }, references: { reference_data: [ { name: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", refsource: "CONFIRM", url: "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1011", }, { name: "103611", refsource: "BID", url: "http://www.securityfocus.com/bid/103611", }, { name: "1040652", refsource: "SECTRACK", url: "http://www.securitytracker.com/id/1040652", }, ], }, }, }, }, cveMetadata: { assignerOrgId: "f38d906d-7342-40ea-92c1-6c4a2c6478c8", assignerShortName: "microsoft", cveId: "CVE-2018-1011", datePublished: "2018-04-12T01:00:00", dateReserved: "2017-12-01T00:00:00", dateUpdated: "2024-08-05T03:44:11.822Z", state: "PUBLISHED", }, dataType: "CVE_RECORD", dataVersion: "5.1", }