This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2015-10-13
Product Excel For Mac Last view 2017-09-12
Version 2016 Type Application
Update *  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:excel_for_mac

Activity : Overall

Related : CVE

  Date Alert Description
7.8 2017-09-12 CVE-2017-8632

A remote code execution vulnerability exists in Microsoft Excel 2010 Service Pack 2, Microsoft Excel 2013 Service Pack 1, Microsoft Excel 2013 RT Service Pack 1, Microsoft Excel 2016, Microsoft Office Web Apps 2013, Microsoft Excel for Mac 2011, Microsoft Excel 2016 for Mac, and Microsoft Office Compatibility Pack Service Pack 3, when they fail to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8630, CVE-2017-8631, and CVE-2017-8744.

7.8 2016-12-20 CVE-2016-7266

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, and Excel 2016 for Mac mishandle a registry check, which allows user-assisted remote attackers to execute arbitrary commands via crafted embedded content in a document, aka "Microsoft Office Security Feature Bypass Vulnerability."

7.1 2016-12-20 CVE-2016-7264

Microsoft Excel 2007 SP3, Office Compatibility Pack SP3, Excel Viewer, Excel for Mac 2011, and Excel 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."

7.8 2016-12-20 CVE-2016-7263

Microsoft Excel for Mac 2011 and Excel 2016 for Mac allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-11-10 CVE-2016-7236

Microsoft Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-11-10 CVE-2016-7229

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-11-10 CVE-2016-7228

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-11-10 CVE-2016-7213

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-09-14 CVE-2016-3358

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-07-12 CVE-2016-3284

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-02-10 CVE-2016-0054

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-01-13 CVE-2016-0035

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

7.8 2016-01-13 CVE-2016-0010

Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Excel for Mac 2011, PowerPoint for Mac 2011, Word for Mac 2011, Excel 2016 for Mac, PowerPoint 2016 for Mac, Word 2016 for Mac, and Word Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3 2015-12-09 CVE-2015-6040

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, and Excel Viewer allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

4.3 2015-11-11 CVE-2015-6123

Cross-site scripting (XSS) vulnerability in Microsoft Excel for Mac 2011 and Excel 2016 for Mac allows remote attackers to inject arbitrary web script or HTML via a crafted e-mail message that is mishandled by Outlook for Mac, aka "Microsoft Outlook for Mac Spoofing Vulnerability."

9.3 2015-11-11 CVE-2015-6094

Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3 2015-11-11 CVE-2015-6038

Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Office Compatibility Pack SP3, Excel Viewer, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3 2015-10-13 CVE-2015-2558

Use-after-free vulnerability in Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, Excel Viewer, Office Compatibility Pack SP3, and Excel Services on SharePoint Server 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a long fileVersion element in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

9.3 2015-10-13 CVE-2015-2555

Use-after-free vulnerability in Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2013 RT SP1, Excel 2016, Excel for Mac 2011, Excel 2016 for Mac, and Excel Services on SharePoint Server 2010 SP2 and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted calculatedColumnFormula object in an Office document, aka "Microsoft Office Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
82% (14) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
5% (1) CWE-125 Out-of-bounds Read
5% (1) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
5% (1) CWE-20 Improper Input Validation

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47204 - Type : FILE-OFFICE - Revision : 1
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47203 - Type : FILE-OFFICE - Revision : 1
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47202 - Type : FILE-OFFICE - Revision : 2
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47201 - Type : FILE-OFFICE - Revision : 2
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47200 - Type : FILE-OFFICE - Revision : 1
2018-08-16 Microsoft Office Excel fileVersion use-after-free attempt
RuleID : 47199 - Type : FILE-OFFICE - Revision : 1
2018-07-31 Microsoft Office Excel empty bookViews element denial of service attempt
RuleID : 47056 - Type : FILE-OFFICE - Revision : 1
2018-07-31 Microsoft Office Excel empty bookViews element denial of service attempt
RuleID : 47055 - Type : FILE-OFFICE - Revision : 1
2017-03-14 Microsoft Internet Explorer array proto chain manipulation memory corruption ...
RuleID : 41562 - Type : BROWSER-IE - Revision : 3
2017-03-14 Microsoft Internet Explorer array proto chain manipulation memory corruption ...
RuleID : 41561 - Type : BROWSER-IE - Revision : 3
2017-03-14 Microsoft Internet Explorer use asm memory corruption attempt
RuleID : 41556 - Type : BROWSER-IE - Revision : 2
2017-03-14 Microsoft Internet Explorer use asm memory corruption attempt
RuleID : 41555 - Type : BROWSER-IE - Revision : 2
2017-01-10 Microsoft Office Excel CrtMlFrt record out of bounds read attempt
RuleID : 40945 - Type : FILE-OFFICE - Revision : 2
2017-01-10 Microsoft Office Excel CrtMlFrt record out of bounds read attempt
RuleID : 40944 - Type : FILE-OFFICE - Revision : 2
2016-12-08 Microsoft Office Excel invalid signed integer attempt
RuleID : 40726 - Type : FILE-OFFICE - Revision : 2
2016-12-08 Microsoft Office Excel invalid signed integer attempt
RuleID : 40725 - Type : FILE-OFFICE - Revision : 2
2016-12-08 Microsoft Office Excel SST record use after free attempt
RuleID : 40720 - Type : FILE-OFFICE - Revision : 2
2016-12-08 Microsoft Office Excel SST record use after free attempt
RuleID : 40719 - Type : FILE-OFFICE - Revision : 2
2016-12-06 Microsoft Office Excel LPenHelper use after free attempt
RuleID : 40718 - Type : FILE-OFFICE - Revision : 2
2016-12-06 Microsoft Office Excel LPenHelper use after free attempt
RuleID : 40717 - Type : FILE-OFFICE - Revision : 2
2016-12-06 Microsoft Office 2016 arbitrary pointer dereference vulnerability attempt
RuleID : 40712 - Type : FILE-OFFICE - Revision : 2
2016-12-06 Microsoft Office 2016 arbitrary pointer dereference vulnerability attempt
RuleID : 40711 - Type : FILE-OFFICE - Revision : 1
2016-10-11 Microsoft Office Excel xlsb use-after-free attempt
RuleID : 40105 - Type : FILE-OFFICE - Revision : 2
2016-10-11 Microsoft Office Excel xlsb use-after-free attempt
RuleID : 40104 - Type : FILE-OFFICE - Revision : 2
2016-10-11 Microsoft Office Excel xlsb use-after-free attempt
RuleID : 40103 - Type : FILE-OFFICE - Revision : 2

Nessus® Vulnerability Scanner

id Description
2017-09-12 Name: Microsoft Office Compatibility Pack SP3 is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_office_compatibility.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The Microsoft Excel Products are affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_excel.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms17_sep_office.nasl - Type: ACT_GATHER_INFO
2016-12-14 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: smb_nt_ms16-148.nasl - Type: ACT_GATHER_INFO
2016-12-14 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms16-148_office.nasl - Type: ACT_GATHER_INFO
2016-11-16 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms16-133_office.nasl - Type: ACT_GATHER_INFO
2016-11-08 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: smb_nt_ms16-133.nasl - Type: ACT_GATHER_INFO
2016-09-15 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms16-107_office.nasl - Type: ACT_GATHER_INFO
2016-09-14 Name: An application installed on the remote host is affected by multiple vulnerabi...
File: smb_nt_ms16-107.nasl - Type: ACT_GATHER_INFO
2016-07-12 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms16-088_office.nasl - Type: ACT_GATHER_INFO
2016-07-12 Name: An application installed on the remote Windows host is affected by multiple v...
File: smb_nt_ms16-088.nasl - Type: ACT_GATHER_INFO
2016-02-22 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms16-015_office.nasl - Type: ACT_GATHER_INFO
2016-02-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-015.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms16-004.nasl - Type: ACT_GATHER_INFO
2016-01-12 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms16-004_office.nasl - Type: ACT_GATHER_INFO
2015-12-11 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms15-131_office.nasl - Type: ACT_GATHER_INFO
2015-12-08 Name: The remote Windows host is affected by multiple remote code execution vulnera...
File: smb_nt_ms15-131.nasl - Type: ACT_GATHER_INFO
2015-11-10 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-116.nasl - Type: ACT_GATHER_INFO
2015-11-10 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms15-116_office.nasl - Type: ACT_GATHER_INFO
2015-10-14 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms15-110_office.nasl - Type: ACT_GATHER_INFO
2015-10-13 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms15-110.nasl - Type: ACT_GATHER_INFO