Search criteria
162 vulnerabilities found for visio by microsoft
FKIE_CVE-2024-38016
Vulnerability from fkie_nvd - Published: 2024-09-19 17:15 - Updated: 2024-09-24 11:11
Severity ?
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Office Visio"
}
],
"id": "CVE-2024-38016",
"lastModified": "2024-09-24T11:11:06.247",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2024-09-19T17:15:12.947",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-284"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-43463
Vulnerability from fkie_nvd - Published: 2024-09-10 17:15 - Updated: 2024-09-17 16:08
Severity ?
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 (High) - CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*",
"matchCriteriaId": "75F7306B-D1DA-48C2-AF87-4480E161D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*",
"matchCriteriaId": "BA9BCD55-F71E-4920-B906-A1386843776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Office Visio"
}
],
"id": "CVE-2024-43463",
"lastModified": "2024-09-17T16:08:58.350",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2024-09-10T17:15:33.627",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Analyzed",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-416"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2024-20673
Vulnerability from fkie_nvd - Published: 2024-02-13 18:15 - Updated: 2024-11-21 08:52
Severity ?
Summary
Microsoft Office Remote Code Execution Vulnerability
References
| URL | Tags | ||
|---|---|---|---|
| secure@microsoft.com | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673 | Patch, Vendor Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673 | Patch, Vendor Advisory |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "09BF0981-749E-470B-A7AC-95AD087797EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2016:*:-:*:-:*:-:*",
"matchCriteriaId": "DC9D0A78-9F16-41E0-910E-E93269DB9B30",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:click-to-run:*:*:*",
"matchCriteriaId": "2C3B58F9-4BF5-4692-BBCB-1963A0A16CE0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:*:*",
"matchCriteriaId": "25D63F31-2978-4C24-B7CA-6A0398012700",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "C971A8FC-3897-496D-BB9A-9E6C8A03AEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3AA120-CE06-40A3-ADC4-C42077509287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:skype_for_business:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "D499807D-91F3-447D-B9F0-D612898C9339",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA042D4-B14E-4DDF-8423-DFB255679EFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Microsoft Office"
}
],
"id": "CVE-2024-20673",
"lastModified": "2024-11-21T08:52:53.537",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2024-02-13T18:15:47.557",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-693"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-21741
Vulnerability from fkie_nvd - Published: 2023-01-10 22:15 - Updated: 2024-11-21 07:43
Severity ?
Summary
Microsoft Office Visio Information Disclosure Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Information Disclosure Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de divulgaci\u00f3n de informaci\u00f3n en Microsoft Office Visio"
}
],
"id": "CVE-2023-21741",
"lastModified": "2024-11-21T07:43:33.080",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 4.2,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2023-01-10T22:15:17.790",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-125"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-21736
Vulnerability from fkie_nvd - Published: 2023-01-10 22:15 - Updated: 2024-11-21 07:43
Severity ?
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"id": "CVE-2023-21736",
"lastModified": "2024-11-21T07:43:32.343",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2023-01-10T22:15:17.537",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-681"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2023-21737
Vulnerability from fkie_nvd - Published: 2023-01-10 22:15 - Updated: 2024-11-21 07:43
Severity ?
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*",
"matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*",
"matchCriteriaId": "0B3EF1E5-4757-4CFA-AE72-6BA876D3C9FD",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo en Microsoft Office Visio"
}
],
"id": "CVE-2023-21737",
"lastModified": "2024-11-21T07:43:32.473",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2023-01-10T22:15:17.600",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "CWE-122"
}
],
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-44695
Vulnerability from fkie_nvd - Published: 2022-12-13 19:15 - Updated: 2024-11-21 07:28
Severity ?
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x64:*",
"matchCriteriaId": "1AC0C23F-FC55-4DA1-8527-EB4432038FB0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2021:*:*:*:ltsc:*:x86:*",
"matchCriteriaId": "A719B461-7869-46D0-9300-D0A348DC26A5",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Vulnerabilidad de ejecuci\u00f3n remota de c\u00f3digo de Microsoft Office Visio"
}
],
"id": "CVE-2022-44695",
"lastModified": "2024-11-21T07:28:20.130",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2022-12-13T19:15:14.213",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2022-38010
Vulnerability from fkie_nvd - Published: 2022-09-13 19:15 - Updated: 2024-11-21 07:15
Severity ?
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x64:*",
"matchCriteriaId": "3259EBFE-AE2D-48B8-BE9A-E22BBDB31378",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:x86:*",
"matchCriteriaId": "CD25F492-9272-4836-832C-8439EBE64CCF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x64:*",
"matchCriteriaId": "CF5DDD09-902E-4881-98D0-CB896333B4AA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:x86:*",
"matchCriteriaId": "26A3B226-5D7C-4556-9350-5222DC8EFC2C",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x64:*",
"matchCriteriaId": "75F7306B-D1DA-48C2-AF87-4480E161D794",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:x86:*",
"matchCriteriaId": "BA9BCD55-F71E-4920-B906-A1386843776A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
},
{
"lang": "es",
"value": "Una vulnerabilidad de Ejecuci\u00f3n de C\u00f3digo Remota de Microsoft Office Visio. Este ID de CVE es diferente de CVE-2022-37963"
}
],
"id": "CVE-2022-38010",
"lastModified": "2024-11-21T07:15:34.063",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.8,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
}
]
},
"published": "2022-09-13T19:15:12.707",
"references": [
{
"source": "secure@microsoft.com",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2021-27055
Vulnerability from fkie_nvd - Published: 2021-03-11 16:15 - Updated: 2024-11-21 05:57
Severity ?
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
7.0 (High) - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H
Summary
Microsoft Visio Security Feature Bypass Vulnerability
References
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*",
"matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:*:*",
"matchCriteriaId": "C5282C83-86B8-442D-851D-B54E88E8B1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "ED0408B6-4FB5-45E9-AD27-301FC383152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Microsoft Visio Security Feature Bypass Vulnerability"
},
{
"lang": "es",
"value": "Una Vulnerabilidad de Omisi\u00f3n de la Caracter\u00edstica de Seguridad de Microsoft Visio"
}
],
"id": "CVE-2021-27055",
"lastModified": "2024-11-21T05:57:15.723",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "secure@microsoft.com",
"type": "Secondary"
},
{
"cvssData": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.0,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 1.0,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Secondary"
}
]
},
"published": "2021-03-11T16:15:17.333",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
FKIE_CVE-2020-0760
Vulnerability from fkie_nvd - Published: 2020-04-15 15:15 - Updated: 2024-11-21 04:54
Severity ?
Summary
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| microsoft | access | 2010 | |
| microsoft | access | 2013 | |
| microsoft | access | 2016 | |
| microsoft | excel | 2010 | |
| microsoft | excel | 2013 | |
| microsoft | excel | 2016 | |
| microsoft | office | 2010 | |
| microsoft | office | 2013 | |
| microsoft | office | 2013 | |
| microsoft | office | 2016 | |
| microsoft | office | 2019 | |
| microsoft | office_365_proplus | - | |
| microsoft | outlook | 2010 | |
| microsoft | outlook | 2013 | |
| microsoft | outlook | 2013 | |
| microsoft | outlook | 2016 | |
| microsoft | powerpoint | 2010 | |
| microsoft | powerpoint | 2013 | |
| microsoft | powerpoint | 2013 | |
| microsoft | powerpoint | 2016 | |
| microsoft | project | 2010 | |
| microsoft | project | 2013 | |
| microsoft | project | 2016 | |
| microsoft | publisher | 2010 | |
| microsoft | publisher | 2013 | |
| microsoft | publisher | 2016 | |
| microsoft | visio | 2010 | |
| microsoft | visio | 2013 | |
| microsoft | visio | 2016 | |
| microsoft | word | 2010 | |
| microsoft | word | 2013 | |
| microsoft | word | 2013 | |
| microsoft | word | 2016 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:access:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "7122C5BF-C7C8-4B20-AACF-03F0ED83A7A4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:access:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "3E995599-F698-4E73-9401-4CA47FADFCBE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:access:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "0E42DC73-F1D0-47CD-BED8-DB2C6E044E2D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "E36D981E-E56D-46C7-9486-FC691A75C497",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "3A062169-527E-43DA-8AE0-FD4FBA1B2A9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:excel:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "09BF0981-749E-470B-A7AC-95AD087797EF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "552E1557-D6FA-45DD-9B52-E13ACDBB8A62",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "F7DDFFB8-2337-4DD7-8120-56CC8EF134B4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "E0B3B0BC-C7C6-4687-AD72-DCA29FF9AE3A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:*:*",
"matchCriteriaId": "C5282C83-86B8-442D-851D-B54E88E8B1F1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*",
"matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "F9A115C1-45EB-4688-AD7C-C1854850EE9B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "8D513A61-6427-4F85-AADF-99D6F223AF2B",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "DDA98A76-D0D1-4BFA-BEAC-1C2313F7B859",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "E2B1657C-0FF4-461A-BE2A-641275C4B0A0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "9CCB2D72-B779-4772-8F72-7177E3F47A92",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "F7F40F5A-E53D-430A-B3CA-8836288FE47E",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "36A1FA52-BFBD-4C88-9CBE-B68E55C75726",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "C971A8FC-3897-496D-BB9A-9E6C8A03AEA1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:project:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "39EA4DCC-AA3F-4E3B-8754-BF79B2FD8657",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:project:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "33E26FF2-B80D-4C64-B9D5-ED0DE4BF3B1F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:project:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "5AA3A3C2-DB00-4095-B445-5A5041EB3194",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "78E9611F-1DE1-4FB2-9C70-16602FFC73C7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "EB39B6EE-BC01-4D21-A3D8-CDDA268C55FF",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "AB3AA120-CE06-40A3-ADC4-C42077509287",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "ED0408B6-4FB5-45E9-AD27-301FC383152D",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*",
"matchCriteriaId": "87EBA8C7-E317-4EFD-B1AA-DD6A8B0DFDCC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "89229922-0836-4CC2-AED2-107C3142D0EA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*",
"matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:-:*:*:*",
"matchCriteriaId": "D7A48E44-F01A-40AD-B8AF-8FE368248003",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:rt:*:*:*",
"matchCriteriaId": "45E21528-4B0F-4A6F-82AD-DF7FDBF67C8F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*",
"matchCriteriaId": "4DA042D4-B14E-4DDF-8423-DFB255679EFE",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka \u0027Microsoft Office Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0991."
},
{
"lang": "es",
"value": "Hay una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota cuando Microsoft Office carga inapropiadamente bibliotecas de tipos arbitrarios, tambi\u00e9n se conoce como \"Microsoft Office Remote Code Execution Vulnerability\". Este ID de CVE es diferente de CVE-2020-0991."
}
],
"id": "CVE-2020-0760",
"lastModified": "2024-11-21T04:54:09.390",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.8,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 8.6,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": true
}
],
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"exploitabilityScore": 2.8,
"impactScore": 5.9,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2020-04-15T15:15:13.777",
"references": [
{
"source": "secure@microsoft.com",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
],
"sourceIdentifier": "secure@microsoft.com",
"vulnStatus": "Modified",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
CVE-2024-38016 (GCVE-0-2024-38016)
Vulnerability from cvelistv5 – Published: 2024-09-19 17:09 – Updated: 2024-12-31 23:03
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office LTSC 2021 |
Affected:
16.0.1 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T17:43:02.481800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T17:45:46.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5465.1001",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5465.1001",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-19T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:27.978Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38016",
"datePublished": "2024-09-19T17:09:59.949Z",
"dateReserved": "2024-06-11T18:18:00.678Z",
"dateUpdated": "2024-12-31T23:03:27.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43463 (GCVE-0-2024-43463)
Vulnerability from cvelistv5 – Published: 2024-09-10 16:53 – Updated: 2024-12-31 23:02
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43463",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:52:38.273331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:53:41.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5465.1001",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5465.1001",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:02:56.552Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43463",
"datePublished": "2024-09-10T16:53:49.777Z",
"dateReserved": "2024-08-14T01:08:33.516Z",
"dateUpdated": "2024-12-31T23:02:56.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20673 (GCVE-0-2024-20673)
Vulnerability from cvelistv5 – Published: 2024-02-13 18:02 – Updated: 2025-05-09 18:19
VLAI?
Title
Microsoft Office Remote Code Execution Vulnerability
Summary
Microsoft Office Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-16T19:36:28.789462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:19:21.102Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Excel 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1001",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft PowerPoint 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Word 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Publisher 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Skype for Business 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1001",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:skype_for_business:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-02-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T01:37:00.336Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
}
],
"title": "Microsoft Office Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-20673",
"datePublished": "2024-02-13T18:02:25.889Z",
"dateReserved": "2023-11-28T22:58:12.117Z",
"dateUpdated": "2025-05-09T18:19:21.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21736 (GCVE-0-2023-21736)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:49.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681: Incorrect Conversion between Numeric Types",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:53.734Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21736",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-13T00:00:00",
"dateUpdated": "2025-01-01T00:35:53.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21737 (GCVE-0-2023-21737)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-02-28 21:14
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:50.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21737",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T20:23:40.249101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T21:14:56.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:54.298Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21737",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-02-28T21:14:56.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21741 (GCVE-0-2023-21741)
Vulnerability from cvelistv5 – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI?
Title
Microsoft Office Visio Information Disclosure Vulnerability
Summary
Microsoft Office Visio Information Disclosure Vulnerability
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office LTSC 2021 |
Affected:
16.0.1 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:49.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:55.873Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
}
],
"title": "Microsoft Office Visio Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21741",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-13T00:00:00",
"dateUpdated": "2025-01-01T00:35:55.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44695 (GCVE-0-2022-44695)
Vulnerability from cvelistv5 – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:04.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5511.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5511.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5374.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "5511.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "5511.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5374.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-12-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T17:49:42.789Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-44695",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-11-03T00:00:00",
"dateUpdated": "2025-07-22T17:49:42.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38010 (GCVE-0-2022-38010)
Vulnerability from cvelistv5 – Published: 2022-09-13 18:42 – Updated: 2025-03-11 16:10
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:37:42.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5485.1001",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5485.1001",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5361.1002",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5485.1001",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5485.1001",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5361.1002",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-09-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:10:43.716Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-38010",
"datePublished": "2022-09-13T18:42:19",
"dateReserved": "2022-08-08T00:00:00",
"dateUpdated": "2025-03-11T16:10:43.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27055 (GCVE-0-2021-27055)
Vulnerability from cvelistv5 – Published: 2021-03-11 15:48 – Updated: 2024-08-03 20:40
VLAI?
Title
Microsoft Visio Security Feature Bypass Vulnerability
Summary
Microsoft Visio Security Feature Bypass Vulnerability
Severity ?
CWE
- Security Feature Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Visio 2013 Service Pack 1 |
Affected:
15.0.1 , < publication
(custom)
cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:* |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1 ",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2010 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "13.0.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-03-09T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Visio Security Feature Bypass Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:09:24.582Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
}
],
"title": "Microsoft Visio Security Feature Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27055",
"datePublished": "2021-03-11T15:48:18",
"dateReserved": "2021-02-10T00:00:00",
"dateUpdated": "2024-08-03T20:40:47.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0760 (GCVE-0-2020-0760)
Vulnerability from cvelistv5 – Published: 2020-04-15 15:12 – Updated: 2024-08-04 06:11
VLAI?
Summary
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Project |
Affected:
2013 Service Pack 1 (32-bit editions)
Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2010 Service Pack 2 (32-bit editions) Affected: 2010 Service Pack 2 (64-bit editions) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Project",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Office 365 ProPlus",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems"
},
{
"status": "affected",
"version": "64-bit Systems"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft PowerPoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft Visio",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
}
]
},
{
"product": "Microsoft Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft Publisher 2016 (32-bit edition)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher 2016 (64-bit edition)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Access",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
}
]
},
{
"product": "Microsoft Outlook",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
}
]
},
{
"product": "Microsoft Publisher 2013 Service Pack 1 (32-bit editions)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher 2013 Service Pack 1 (64-bit editions)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka \u0027Microsoft Office Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T15:12:40",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Project",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Office 365 ProPlus",
"version": {
"version_data": [
{
"version_value": "32-bit Systems"
},
{
"version_value": "64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft PowerPoint",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Visio",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Word",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Publisher 2016 (32-bit edition)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher 2016 (64-bit edition)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Access",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Outlook",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Publisher 2013 Service Pack 1 (32-bit editions)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher 2013 Service Pack 1 (64-bit editions)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka \u0027Microsoft Office Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0760",
"datePublished": "2020-04-15T15:12:40",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-38016 (GCVE-0-2024-38016)
Vulnerability from nvd – Published: 2024-09-19 17:09 – Updated: 2024-12-31 23:03
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-284 - Improper Access Control
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office LTSC 2021 |
Affected:
16.0.1 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-38016",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-19T17:43:02.481800Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-19T17:45:46.902Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5465.1001",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5465.1001",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-19T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-284",
"description": "CWE-284: Improper Access Control",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:03:27.978Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-38016"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-38016",
"datePublished": "2024-09-19T17:09:59.949Z",
"dateReserved": "2024-06-11T18:18:00.678Z",
"dateUpdated": "2024-12-31T23:03:27.978Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-43463 (GCVE-0-2024-43463)
Vulnerability from nvd – Published: 2024-09-10 16:53 – Updated: 2024-12-31 23:02
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-416 - Use After Free
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-43463",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-09-10T18:52:38.273331Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-09-10T18:53:41.566Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5465.1001",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5465.1001",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-09-10T07:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-416",
"description": "CWE-416: Use After Free",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-12-31T23:02:56.552Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-43463"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-43463",
"datePublished": "2024-09-10T16:53:49.777Z",
"dateReserved": "2024-08-14T01:08:33.516Z",
"dateUpdated": "2024-12-31T23:02:56.552Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-20673 (GCVE-0-2024-20673)
Vulnerability from nvd – Published: 2024-02-13 18:02 – Updated: 2025-05-09 18:19
VLAI?
Title
Microsoft Office Remote Code Execution Vulnerability
Summary
Microsoft Office Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-693 - Protection Mechanism Failure
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
||||||||||||||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-01T21:59:42.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-20673",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-02-16T19:36:28.789462Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-09T18:19:21.102Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Excel 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1001",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft PowerPoint 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Word 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Publisher 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "16.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Skype for Business 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5435.1000",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:excel:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1001",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:powerpoint:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:word:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:publisher:*:*:*:*:*:*:x86:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "16.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:skype_for_business:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5435.1000",
"versionStartIncluding": "0",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2024-02-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-693",
"description": "CWE-693: Protection Mechanism Failure",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-05-03T01:37:00.336Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2024-20673"
}
],
"title": "Microsoft Office Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2024-20673",
"datePublished": "2024-02-13T18:02:25.889Z",
"dateReserved": "2023-11-28T22:58:12.117Z",
"dateUpdated": "2025-05-09T18:19:21.102Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21736 (GCVE-0-2023-21736)
Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-681 - Incorrect Conversion between Numeric Types
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:49.401Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-681",
"description": "CWE-681: Incorrect Conversion between Numeric Types",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:53.734Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21736"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21736",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-13T00:00:00",
"dateUpdated": "2025-01-01T00:35:53.734Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21737 (GCVE-0-2023-21737)
Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-02-28 21:14
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- CWE-122 - Heap-based Buffer Overflow
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:50.151Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-21737",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-02-28T20:23:40.249101Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-02-28T21:14:56.205Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-122",
"description": "CWE-122: Heap-based Buffer Overflow",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:54.298Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21737"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21737",
"datePublished": "2023-01-10T00:00:00.000Z",
"dateReserved": "2022-12-13T00:00:00.000Z",
"dateUpdated": "2025-02-28T21:14:56.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-21741 (GCVE-0-2023-21741)
Vulnerability from nvd – Published: 2023-01-10 00:00 – Updated: 2025-01-01 00:35
VLAI?
Title
Microsoft Office Visio Information Disclosure Vulnerability
Summary
Microsoft Office Visio Information Disclosure Vulnerability
Severity ?
CWE
- CWE-125 - Out-of-bounds Read
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office LTSC 2021 |
Affected:
16.0.1 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T09:51:49.374Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Information Disclosure Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5519.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5378.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5519.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5378.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2023-01-10T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Information Disclosure Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.1,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:L/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-125",
"description": "CWE-125: Out-of-bounds Read",
"lang": "en-US",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-01T00:35:55.873Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Information Disclosure Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2023-21741"
}
],
"title": "Microsoft Office Visio Information Disclosure Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2023-21741",
"datePublished": "2023-01-10T00:00:00",
"dateReserved": "2022-12-13T00:00:00",
"dateUpdated": "2025-01-01T00:35:55.873Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-44695 (GCVE-0-2022-44695)
Vulnerability from nvd – Published: 2022-12-13 00:00 – Updated: 2025-07-22 17:49
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T13:54:04.095Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5511.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5511.1000",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "5374.1000",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office_2019:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_2021:*:*:*:*:long_term_servicing_channel:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "5511.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2013:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "5511.1000",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio_2016:*:*:*:*:*:*:*:*",
"versionEndExcluding": "5374.1000",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-12-13T08:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-22T17:49:42.789Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-44695"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-44695",
"datePublished": "2022-12-13T00:00:00",
"dateReserved": "2022-11-03T00:00:00",
"dateUpdated": "2025-07-22T17:49:42.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2022-38010 (GCVE-0-2022-38010)
Vulnerability from nvd – Published: 2022-09-13 18:42 – Updated: 2025-03-11 16:10
VLAI?
Title
Microsoft Office Visio Remote Code Execution Vulnerability
Summary
Microsoft Office Visio Remote Code Execution Vulnerability
Severity ?
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Office 2019 |
Affected:
19.0.0 , < https://aka.ms/OfficeSecurityReleases
(custom)
|
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T10:37:42.623Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft Office LTSC 2021",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5485.1001",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "15.0.5485.1001",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "16.0.5361.1002",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"cpeApplicability": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "19.0.0",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:365_apps:*:*:*:*:enterprise:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:office_long_term_servicing_channel:*:*:*:*:*:*:*:*",
"versionEndExcluding": "https://aka.ms/OfficeSecurityReleases",
"versionStartIncluding": "16.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5485.1001",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:sp1:*:*:*:*:*:*",
"versionEndExcluding": "15.0.5485.1001",
"versionStartIncluding": "15.0.1",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:microsoft:visio:*:*:*:*:*:*:*:*",
"versionEndExcluding": "16.0.5361.1002",
"versionStartIncluding": "16.0.1",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"datePublic": "2022-09-13T07:00:00.000Z",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-11T16:10:43.716Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"name": "Microsoft Office Visio Remote Code Execution Vulnerability",
"tags": [
"vendor-advisory"
],
"url": "https://msrc.microsoft.com/update-guide/vulnerability/CVE-2022-38010"
}
],
"title": "Microsoft Office Visio Remote Code Execution Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2022-38010",
"datePublished": "2022-09-13T18:42:19",
"dateReserved": "2022-08-08T00:00:00",
"dateUpdated": "2025-03-11T16:10:43.716Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2021-27055 (GCVE-0-2021-27055)
Vulnerability from nvd – Published: 2021-03-11 15:48 – Updated: 2024-08-03 20:40
VLAI?
Title
Microsoft Visio Security Feature Bypass Vulnerability
Summary
Microsoft Visio Security Feature Bypass Vulnerability
Severity ?
CWE
- Security Feature Bypass
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Visio 2013 Service Pack 1 |
Affected:
15.0.1 , < publication
(custom)
cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:* |
|||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T20:40:47.084Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2013:sp1:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems"
],
"product": "Microsoft Visio 2013 Service Pack 1 ",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "15.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2016:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2016",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:visio:2010:sp2:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Visio 2010 Service Pack 2",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "publication",
"status": "affected",
"version": "13.0.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"product": "Microsoft Office 2019",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "19.0.0",
"versionType": "custom"
}
]
},
{
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"product": "Microsoft 365 Apps for Enterprise",
"vendor": "Microsoft",
"versions": [
{
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"status": "affected",
"version": "16.0.1",
"versionType": "custom"
}
]
}
],
"datePublic": "2021-03-09T08:00:00+00:00",
"descriptions": [
{
"lang": "en-US",
"value": "Microsoft Visio Security Feature Bypass Vulnerability"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en-US",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Security Feature Bypass",
"lang": "en-US",
"type": "Impact"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-12-29T20:09:24.582Z",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2021-27055"
}
],
"title": "Microsoft Visio Security Feature Bypass Vulnerability"
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2021-27055",
"datePublished": "2021-03-11T15:48:18",
"dateReserved": "2021-02-10T00:00:00",
"dateUpdated": "2024-08-03T20:40:47.084Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-0760 (GCVE-0-2020-0760)
Vulnerability from nvd – Published: 2020-04-15 15:12 – Updated: 2024-08-04 06:11
VLAI?
Summary
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
Severity ?
No CVSS data available.
CWE
- Remote Code Execution
Assigner
References
| URL | Tags | ||||
|---|---|---|---|---|---|
|
|||||
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Microsoft | Microsoft Project |
Affected:
2013 Service Pack 1 (32-bit editions)
Affected: 2013 Service Pack 1 (64-bit editions) Affected: 2016 (32-bit edition) Affected: 2016 (64-bit edition) Affected: 2010 Service Pack 2 (32-bit editions) Affected: 2010 Service Pack 2 (64-bit editions) |
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T06:11:05.570Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "Microsoft Project",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
}
]
},
{
"product": "Microsoft Office",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2019 for 32-bit editions"
},
{
"status": "affected",
"version": "2019 for 64-bit editions"
},
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Office 365 ProPlus",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "32-bit Systems"
},
{
"status": "affected",
"version": "64-bit Systems"
}
]
},
{
"product": "Microsoft Excel",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft PowerPoint",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft Visio",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
}
]
},
{
"product": "Microsoft Word",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
}
]
},
{
"product": "Microsoft Publisher 2016 (32-bit edition)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher 2016 (64-bit edition)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Access",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
}
]
},
{
"product": "Microsoft Outlook",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2016 (32-bit edition)"
},
{
"status": "affected",
"version": "2016 (64-bit edition)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (32-bit editions)"
},
{
"status": "affected",
"version": "2013 Service Pack 1 (64-bit editions)"
},
{
"status": "affected",
"version": "2013 RT Service Pack 1"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
}
]
},
{
"product": "Microsoft Publisher 2013 Service Pack 1 (32-bit editions)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher 2013 Service Pack 1 (64-bit editions)",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "unspecified"
}
]
},
{
"product": "Microsoft Publisher",
"vendor": "Microsoft",
"versions": [
{
"status": "affected",
"version": "2010 Service Pack 2 (64-bit editions)"
},
{
"status": "affected",
"version": "2010 Service Pack 2 (32-bit editions)"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka \u0027Microsoft Office Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0991."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-15T15:12:40",
"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"shortName": "microsoft"
},
"references": [
{
"tags": [
"x_refsource_MISC"
],
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "secure@microsoft.com",
"ID": "CVE-2020-0760",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "Microsoft Project",
"version": {
"version_data": [
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Office",
"version": {
"version_data": [
{
"version_value": "2019 for 32-bit editions"
},
{
"version_value": "2019 for 64-bit editions"
},
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Office 365 ProPlus",
"version": {
"version_data": [
{
"version_value": "32-bit Systems"
},
{
"version_value": "64-bit Systems"
}
]
}
},
{
"product_name": "Microsoft Excel",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft PowerPoint",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Visio",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Word",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Publisher 2016 (32-bit edition)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher 2016 (64-bit edition)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Access",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Outlook",
"version": {
"version_data": [
{
"version_value": "2016 (32-bit edition)"
},
{
"version_value": "2016 (64-bit edition)"
},
{
"version_value": "2013 Service Pack 1 (32-bit editions)"
},
{
"version_value": "2013 Service Pack 1 (64-bit editions)"
},
{
"version_value": "2013 RT Service Pack 1"
},
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
}
]
}
},
{
"product_name": "Microsoft Publisher 2013 Service Pack 1 (32-bit editions)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher 2013 Service Pack 1 (64-bit editions)",
"version": {
"version_data": [
{
"version_value": ""
}
]
}
},
{
"product_name": "Microsoft Publisher",
"version": {
"version_data": [
{
"version_value": "2010 Service Pack 2 (64-bit editions)"
},
{
"version_value": "2010 Service Pack 2 (32-bit editions)"
}
]
}
}
]
},
"vendor_name": "Microsoft"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka \u0027Microsoft Office Remote Code Execution Vulnerability\u0027. This CVE ID is unique from CVE-2020-0991."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760",
"refsource": "MISC",
"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8",
"assignerShortName": "microsoft",
"cveId": "CVE-2020-0760",
"datePublished": "2020-04-15T15:12:40",
"dateReserved": "2019-11-04T00:00:00",
"dateUpdated": "2024-08-04T06:11:05.570Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}