Executive Summary
Summary | |
---|---|
Title | Vulnerabilities in Microsoft SharePoint Server Could Allow Remote Code Execution (2834052) |
Informations | |||
---|---|---|---|
Name | MS13-067 | First vendor Publication | 2013-09-10 |
Vendor | Microsoft | Last vendor Modification | 2013-11-06 |
Severity (Vendor) | Critical | Revision | 1.3 |
Security-Database Scoring CVSS v3
Cvss vector : N/A | |||
---|---|---|---|
Overall CVSS Score | NA | ||
Base Score | NA | Environmental Score | NA |
impact SubScore | NA | Temporal Score | NA |
Exploitabality Sub Score | NA | ||
Calculate full CVSS 3.0 Vectors scores |
Security-Database Scoring CVSS v2
Cvss vector : (AV:N/AC:L/Au:N/C:C/I:C/A:C) | |||
---|---|---|---|
Cvss Base Score | 10 | Attack Range | Network |
Cvss Impact Score | 10 | Attack Complexity | Low |
Cvss Expoit Score | 10 | Authentication | None Required |
Calculate full CVSS 2.0 Vectors scores |
Detail
Revision Note: V1.3 (November 6, 2013): Corrected the product name for the Microsoft Office Web Apps Server 2013 (2817305) update. This is an informational change only. There were no changes to the update files or detection logic. Customers who have not applied the 2817305 update should reevaluate the applicability of the update for their environments based on the corrected information. |
Original Source
Url : http://technet.microsoft.com/en-us/security/bulletin/ms13-067 |
CWE : Common Weakness Enumeration
% | Id | Name |
---|---|---|
60 % | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
20 % | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') (CWE/SANS Top 25) |
20 % | CWE-20 | Improper Input Validation |
OVAL Definitions
Definition Id: oval:org.mitre.oval:def:18281 | |||
Oval ID: | oval:org.mitre.oval:def:18281 | ||
Title: | Word Memory Corruption Vulnerability (CVE-2013-3848) - MS13-072 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3848 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18333 | |||
Oval ID: | oval:org.mitre.oval:def:18333 | ||
Title: | Microsoft Office memory corruption vulnerability (CVE-2013-1315) - MS13-067 | ||
Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1315 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18543 | |||
Oval ID: | oval:org.mitre.oval:def:18543 | ||
Title: | Microsoft Office Memory Corruption Vulnerability (CVE-2013-1315) MS13-073 (Mac OS X) | ||
Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
Family: | macos | Class: | vulnerability |
Reference(s): | CVE-2013-1315 | Version: | 3 |
Platform(s): | Apple Mac OS X Apple Mac OS X Server | Product(s): | Microsoft Office 2011 for Mac |
Definition Synopsis: | |||
Definition Id: oval:org.mitre.oval:def:18709 | |||
Oval ID: | oval:org.mitre.oval:def:18709 | ||
Title: | Word Memory Corruption Vulnerability (CVE-2013-3858) - MS13-072 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3858 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18741 | |||
Oval ID: | oval:org.mitre.oval:def:18741 | ||
Title: | Word Memory Corruption Vulnerability (CVE-2013-3857) - MS13-072 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3857 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18749 | |||
Oval ID: | oval:org.mitre.oval:def:18749 | ||
Title: | Word Memory Corruption Vulnerability (CVE-2013-3847) - MS13-072 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3847 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18750 | |||
Oval ID: | oval:org.mitre.oval:def:18750 | ||
Title: | Cross-site scripting vulnerability in Microsoft SharePoint (CVE-2013-3179) - MS13-067 | ||
Description: | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka "SharePoint XSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3179 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 Microsoft SharePoint Services 3.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18774 | |||
Oval ID: | oval:org.mitre.oval:def:18774 | ||
Title: | Word Memory Corruption Vulnerability (CVE-2013-3849) - MS13-072 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3849 | Version: | 8 |
Platform(s): | Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows 2000 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Word 2003 Microsoft Word 2007 Microsoft Word 2010 Microsoft Word Viewer Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18800 | |||
Oval ID: | oval:org.mitre.oval:def:18800 | ||
Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3848) - MS13-067 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3849, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3848 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18801 | |||
Oval ID: | oval:org.mitre.oval:def:18801 | ||
Title: | Memory corruption vulnerability in Microsoft SharePoint (CVE-2013-3858) - MS13-067 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3849. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3858 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Office Web Apps Microsoft SharePoint Server 2010 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18942 | |||
Oval ID: | oval:org.mitre.oval:def:18942 | ||
Title: | Word memory corruption vulnerability in Microsoft SharePoint (CVE-2013-3857) - MS13-067 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3857 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18950 | |||
Oval ID: | oval:org.mitre.oval:def:18950 | ||
Title: | Microsoft Office Memory Corruption Vulnerability (CVE-2013-1315) - MS13-073 | ||
Description: | Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1315 | Version: | 6 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Excel 2003 Microsoft Excel 2007 Microsoft Excel 2010 Microsoft Excel 2013 Microsoft Excel Viewer 2007 Microsoft Office Compatibility Pack |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:18988 | |||
Oval ID: | oval:org.mitre.oval:def:18988 | ||
Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3847) - MS13-067 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3848, CVE-2013-3849, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3847 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19036 | |||
Oval ID: | oval:org.mitre.oval:def:19036 | ||
Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-0081) - MS13-067 | ||
Description: | Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of service (W3WP process hang) via a crafted URL, aka "SharePoint Denial of Service Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-0081 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 Microsoft SharePoint Services 2.0 Microsoft SharePoint Services 3.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19040 | |||
Oval ID: | oval:org.mitre.oval:def:19040 | ||
Title: | MAC disabled vulnerability in Microsoft SharePoint and Microsoft Exchange Server (CVE-2013-1330) - MS13-067, MS13-105 | ||
Description: | The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute, which allows remote attackers to execute arbitrary code by leveraging an unassigned workflow, aka "MAC Disabled Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-1330 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft Exchange Server 2007 Microsoft Exchange Server 2010 Microsoft Exchange Server 2013 Microsoft SharePoint Foundation 2010 Microsoft SharePoint Server 2007 Microsoft SharePoint Server 2010 Microsoft SharePoint Services 2.0 Microsoft SharePoint Services 3.0 |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19100 | |||
Oval ID: | oval:org.mitre.oval:def:19100 | ||
Title: | Denial of service vulnerability in Microsoft SharePoint (CVE-2013-3849) - MS13-067 | ||
Description: | Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption Vulnerability," a different vulnerability than CVE-2013-3847, CVE-2013-3848, and CVE-2013-3858. | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3849 | Version: | 3 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Server 2010 Microsoft Office Web Apps |
Definition Synopsis: | |||
|
Definition Id: oval:org.mitre.oval:def:19136 | |||
Oval ID: | oval:org.mitre.oval:def:19136 | ||
Title: | Cross-site scripting vulnerability in Microsoft SharePoint (CVE-2013-3180) - MS13-067 | ||
Description: | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST XSS Vulnerability." | ||
Family: | windows | Class: | vulnerability |
Reference(s): | CVE-2013-3180 | Version: | 9 |
Platform(s): | Microsoft Windows 2000 Microsoft Windows 7 Microsoft Windows 8 Microsoft Windows Server 2003 Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Vista Microsoft Windows XP | Product(s): | Microsoft SharePoint Foundation 2010 Microsoft SharePoint Foundation 2013 Microsoft SharePoint Server 2010 Microsoft SharePoint Server 2013 |
Definition Synopsis: | |||
|
CPE : Common Platform Enumeration
ExploitDB Exploits
id | Description |
---|---|
2013-09-12 | Microsoft SharePoint 2013 (Cloud) - Persistent Exception Handling Vulnerabili... |
Information Assurance Vulnerability Management (IAVM)
Date | Description |
---|---|
2013-12-12 | IAVM : 2013-A-0231 - Multiple Vulnerabilities in Microsoft Exchange Server Severity : Category I - VMSKEY : V0042592 |
2013-09-12 | IAVM : 2013-A-0178 - Multiple Vulnerabilities in Microsoft Office Severity : Category II - VMSKEY : V0040289 |
2013-09-12 | IAVM : 2013-A-0174 - Multiple Remote Code Execution Vulnerabilities in Microsoft SharePoint Server Severity : Category II - VMSKEY : V0040292 |
2013-09-12 | IAVM : 2013-A-0171 - Multiple Remote Code Execution Vulnerabilities in Microsoft Excel Severity : Category I - VMSKEY : V0040295 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-07-23 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 50462 - Revision : 1 - Type : FILE-OFFICE |
2019-07-23 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 50461 - Revision : 1 - Type : FILE-OFFICE |
2016-11-15 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 40460 - Revision : 3 - Type : FILE-OFFICE |
2016-11-15 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 40459 - Revision : 3 - Type : FILE-OFFICE |
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39347 - Revision : 2 - Type : FILE-OFFICE |
2016-07-26 | Microsoft Office Excel RealTimeData record exploit attempt RuleID : 39346 - Revision : 2 - Type : FILE-OFFICE |
2014-04-24 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 30243 - Revision : 5 - Type : FILE-OFFICE |
2014-04-24 | Microsoft Office Excel malicious cce value following a PtgMemFunc token RuleID : 30242 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office SDTI signed integer underflow attempt RuleID : 27851 - Revision : 5 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office SDTI signed integer underflow attempt RuleID : 27850 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27828 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27827 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft SharePoint self cross site scripting attempt RuleID : 27826 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office SharePoint malicious serialized viewstate evaluation attempt RuleID : 27823 - Revision : 3 - Type : SERVER-WEBAPP |
2014-01-10 | Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation ... RuleID : 27821 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft Office Excel PtgMemFunc zero-value cce-field read access violation ... RuleID : 27820 - Revision : 4 - Type : FILE-OFFICE |
2014-01-10 | Microsoft SharePoint denial of service attempt RuleID : 27819 - Revision : 3 - Type : SERVER-OTHER |
2014-01-10 | Microsoft SharePoint denial of service attempt RuleID : 27818 - Revision : 3 - Type : SERVER-OTHER |
Nessus® Vulnerability Scanner
Date | Description |
---|---|
2013-12-11 | Name : The remote mail server has multiple vulnerabilities. File : smb_nt_ms13-105.nasl - Type : ACT_GATHER_INFO |
2013-09-11 | Name : An application installed on the remote Mac OS X host is affected by multiple ... File : macosx_ms13-073.nasl - Type : ACT_GATHER_INFO |
2013-09-11 | Name : The remote host is affected by multiple vulnerabilities. File : smb_nt_ms13-067.nasl - Type : ACT_GATHER_INFO |
2013-09-11 | Name : The Microsoft Office component installed on the remote host is affected by mu... File : smb_nt_ms13-072.nasl - Type : ACT_GATHER_INFO |
2013-09-11 | Name : It is possible to execute arbitrary code on the remote host through Microsoft... File : smb_nt_ms13-073.nasl - Type : ACT_GATHER_INFO |
Alert History
Date | Informations |
---|---|
2014-12-08 21:31:28 |
|
2014-02-17 11:47:45 |
|
2014-01-19 21:30:58 |
|
2013-12-13 13:23:09 |
|
2013-11-11 12:41:35 |
|
2013-11-07 00:17:28 |
|
2013-10-11 13:30:50 |
|
2013-09-16 00:21:55 |
|
2013-09-13 21:16:42 |
|
2013-09-11 21:22:44 |
|
2013-09-11 21:16:11 |
|
2013-09-10 21:20:52 |
|