This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2006-07-10
Product Office Last view 2013-11-12
Version 2003 Type Application
Update sp3  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:office

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
9.3 2013-11-12 CVE-2013-1325

Heap-based buffer overflow in Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Heap Overwrite Vulnerability."

9.3 2013-11-12 CVE-2013-1324

Stack-based buffer overflow in Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "Word Stack Buffer Overwrite Vulnerability."

9.3 2013-11-12 CVE-2013-0082

Microsoft Office 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code via a crafted WordPerfect document (.wpd) file, aka "WPD File Format Memory Corruption Vulnerability."

9.3 2013-11-06 CVE-2013-3906

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.

5 2013-09-11 CVE-2013-3160

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue, aka "XML External Entities Resolution Vulnerability."

9.3 2013-07-09 CVE-2013-3129

Microsoft .NET Framework 3.0 SP2, 3.5, 3.5.1, 4, and 4.5; Silverlight 5 before 5.1.20513.0; win32k.sys in the kernel-mode drivers, and GDI+, DirectWrite, and Journal, in Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server 2012, and Windows RT; GDI+ in Office 2003 SP3, 2007 SP3, and 2010 SP1; GDI+ in Visual Studio .NET 2003 SP1; and GDI+ in Lync 2010, 2010 Attendee, 2013, and Basic 2013 allow remote attackers to execute arbitrary code via a crafted TrueType Font (TTF) file, aka "TrueType Font Parsing Vulnerability."

9.3 2013-06-11 CVE-2013-1331

Buffer overflow in Microsoft Office 2003 SP3 and Office 2011 for Mac allows remote attackers to execute arbitrary code via crafted PNG data in an Office document, leading to improper memory allocation, aka "Office Buffer Overflow Vulnerability."

9.3 2013-01-09 CVE-2013-0007

Microsoft XML Core Services (aka MSXML) 4.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML XSLT Vulnerability."

9.3 2013-01-09 CVE-2013-0006

Microsoft XML Core Services (aka MSXML) 3.0, 5.0, and 6.0 does not properly parse XML content, which allows remote attackers to execute arbitrary code via a crafted web page, aka "MSXML Integer Truncation Vulnerability."

9.3 2012-08-14 CVE-2012-1856

The TabStrip ActiveX control in the Common Controls in MSCOMCTL.OCX in Microsoft Office 2003 SP3, Office 2003 Web Components SP3, Office 2007 SP2 and SP3, Office 2010 SP1, SQL Server 2000 SP4, SQL Server 2005 SP4, SQL Server 2008 SP2, SP3, R2, R2 SP1, and R2 SP2, Commerce Server 2002 SP4, Commerce Server 2007 SP2, Commerce Server 2009 Gold and R2, Host Integration Server 2004 SP1, Visual FoxPro 8.0 SP1, Visual FoxPro 9.0 SP2, and Visual Basic 6.0 Runtime allows remote attackers to execute arbitrary code via a crafted (1) document or (2) web page that triggers system-state corruption, aka "MSCOMCTL.OCX RCE Vulnerability."

6.9 2012-07-10 CVE-2012-1854

Untrusted search path vulnerability in VBE6.dll in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Microsoft Visual Basic for Applications (VBA); and Summit Microsoft Visual Basic for Applications SDK allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Visual Basic for Applications Insecure Library Loading Vulnerability," as exploited in the wild in July 2012.

9.3 2012-05-08 CVE-2012-0167

Heap-based buffer overflow in the Office GDI+ library in Microsoft Office 2003 SP3 and 2007 SP2 and SP3 allows remote attackers to execute arbitrary code via a crafted EMF image in an Office document, aka "GDI+ Heap Overflow Vulnerability."

9.3 2012-05-08 CVE-2012-0165

GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2 and Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1 does not properly validate record types in EMF images, which allows remote attackers to execute arbitrary code via a crafted image, aka "GDI+ Record Type Vulnerability."

9.3 2012-05-08 CVE-2012-0159

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2, R2, and R2 SP1, Windows 7 Gold and SP1, and Windows 8 Consumer Preview; Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Silverlight 4 before 4.1.10329; and Silverlight 5 before 5.1.10411 allow remote attackers to execute arbitrary code via a crafted TrueType font (TTF) file, aka "TrueType Font Parsing Vulnerability."

9.3 2012-04-10 CVE-2012-0158

The (1) ListView, (2) ListView2, (3) TreeView, and (4) TreeView2 ActiveX controls in MSCOMCTL.OCX in the Common Controls in Microsoft Office 2003 SP3, 2007 SP2 and SP3, and 2010 Gold and SP1; Office 2003 Web Components SP3; SQL Server 2000 SP4, 2005 SP4, and 2008 SP2, SP3, and R2; BizTalk Server 2002 SP1; Commerce Server 2002 SP4, 2007 SP2, and 2009 Gold and R2; Visual FoxPro 8.0 SP1 and 9.0 SP2; and Visual Basic 6.0 Runtime allow remote attackers to execute arbitrary code via a crafted (a) web site, (b) Office document, or (c) .rtf file that triggers "system state" corruption, as exploited in the wild in April 2012, aka "MSCOMCTL.OCX RCE Vulnerability."

9.3 2011-09-15 CVE-2011-1980

Untrusted search path vulnerability in Microsoft Office 2003 SP3 and 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .doc, .ppt, or .xls file, aka "Office Component Insecure Library Loading Vulnerability."

9.3 2011-04-13 CVE-2011-0107

Untrusted search path vulnerability in Microsoft Office XP SP3, Office 2003 SP3, and Office 2007 SP2 allows local users to gain privileges via a Trojan horse DLL in the current working directory, as demonstrated by a directory that contains a .docx file, aka "Office Component Insecure Library Loading Vulnerability."

9.3 2010-12-16 CVE-2010-3946

Integer overflow in the PICT image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted PICT image in an Office document, aka "PICT Image Converter Integer Overflow Vulnerability."

9.3 2010-12-16 CVE-2010-3945

Buffer overflow in the CGM image converter in the graphics filters in Microsoft Office XP SP3, Office 2003 SP3, and Office Converter Pack allows remote attackers to execute arbitrary code via a crafted CGM image in an Office document, aka "CGM Image Converter Buffer Overrun Vulnerability."

9.3 2010-11-09 CVE-2010-3335

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via a crafted Office document that triggers memory corruption, aka "Drawing Exception Handling Vulnerability."

9.3 2010-11-09 CVE-2010-3334

Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allow remote attackers to execute arbitrary code via an Office document containing an Office Art Drawing record with crafted msofbtSp records and unspecified flags, which triggers memory corruption, aka "Office Art Drawing Records Vulnerability."

9.3 2010-11-09 CVE-2010-3333

Stack-based buffer overflow in Microsoft Office XP SP3, Office 2003 SP3, Office 2007 SP2, Office 2010, Office 2004 and 2008 for Mac, Office for Mac 2011, and Open XML File Format Converter for Mac allows remote attackers to execute arbitrary code via crafted RTF data, aka "RTF Stack Buffer Overflow Vulnerability."

9.3 2010-09-15 CVE-2010-2738

The Uniscribe (aka new Unicode Script Processor) implementation in USP10.DLL in Microsoft Windows XP SP2 and SP3, Server 2003 SP2, Vista SP1 and SP2, and Server 2008 Gold and SP2, and Microsoft Office XP SP3, 2003 SP3, and 2007 SP2, does not properly validate tables associated with malformed OpenType fonts, which allows remote attackers to execute arbitrary code via a crafted (1) web site or (2) Office document, aka "Uniscribe Font Parsing Engine Memory Corruption Vulnerability."

9.3 2010-06-08 CVE-2010-1263

Windows Shell and WordPad in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP1 and SP2, Windows Server 2008 Gold, SP2, and R2, and Windows 7; Microsoft Office XP SP3; Office 2003 SP3; and Office System 2007 SP1 and SP2 do not properly validate COM objects during instantiation, which allows remote attackers to execute arbitrary code via a crafted file, aka "COM Validation Vulnerability."

9.3 2010-05-12 CVE-2010-0815

VBE6.DLL in Microsoft Office XP SP3, Office 2003 SP3, 2007 Microsoft Office System SP1 and SP2, Visual Basic for Applications (VBA), and VBA SDK 6.3 through 6.5 does not properly search for ActiveX controls that are embedded in documents, which allows remote attackers to execute arbitrary code via a crafted document, aka "VBE6.DLL Stack Memory Corruption Vulnerability."

CWE : Common Weakness Enumeration

%idName
28% (17) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
28% (17) CWE-94 Failure to Control Generation of Code ('Code Injection')
15% (9) CWE-189 Numeric Errors
13% (8) CWE-399 Resource Management Errors
11% (7) CWE-20 Improper Input Validation
1% (1) CWE-200 Information Exposure

SAINT Exploits

Description Link
Microsoft Jet Engine MDB file ColumnName buffer overflow More info here
Microsoft Excel formula parsing integer overflow More info here
Microsoft Works File Converter FontName buffer overflow More info here
Microsoft Office PNG File Handling Buffer Overflow More info here
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability More info here
Microsoft Excel Drawing Exception Handling vulnerability More info here
Microsoft Office RTF pFragments Property Stack Buffer Overflow More info here
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability More info here
Microsoft Works File Converter index table vulnerability More info here
Microsoft Works File Converter field length buffer overflow More info here
Microsoft PowerPoint malformed data record vulnerability More info here
Microsoft Office Web Components OWC.Spreadsheet.9 HTMLURL property overflow More info here
Microsoft Office Web Components DataSourceControl ActiveX Control memory allocation More info here
Microsoft Office Web Components OWC.Spreadsheet BorderAround vulnerability More info here
Microsoft Office Art Property Table Memory Corruption More info here

Open Source Vulnerability Database (OSVDB)

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
75379 Microsoft Office MSO.dll Path Subversion Arbitrary DLL Injection Code Execution
71767 Microsoft Office Path Subversion Arbitrary DLL Injection Code Execution
69804 Microsoft Office PICT Image Converter Overflow
69803 Microsoft Office CGM Image Converter Overflow
69087 Microsoft Office Drawing Exception Handling Remote Code Execution
69086 Microsoft Office Art Drawing Record Parsing Remote Code Execution
69085 Microsoft Office RTF Parsing Stack Overflow
67984 Microsoft Multiple Products Unicode Scripts Processor (Usp10.dll) OpenType Fo...
65219 Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex...
64529 Microsoft Visual Basic for Applications VBE6.dll Single-Byte Stack Overwrite
58869 Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...
58868 Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow
58867 Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation
58866 Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr...
58865 Microsoft Multiple Products GDI+ TIFF Image Handling Overflow
58864 Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow
58863 Microsoft Multiple Products GDI+ WMF Image Handling Overflow
56916 Microsoft Office Web Components HTMLURL Parameter ActiveX Spreadsheet Object ...
56915 Microsoft Office Web Components OWC10.Spreadsheet ActiveX BorderAround() Meth...
56914 Microsoft Office Web Components OWC10 ActiveX Loading/Unloading Memory Alloca...
55806 Microsoft Office Web Components OWC10.Spreadsheet ActiveX msDataSourceObject(...
54939 Microsoft Office Works for Windows File Converter .wps Handling Overflow
49078 Microsoft Excel Embedded Formula Parsing Arbitrary Code Execution
49076 Microsoft Excel BIFF File Malformed Object Handling Arbitrary Code Execution
47969 Microsoft Multiple Products GDI+ BMP Integer Calculation Overflow

ExploitDB Exploits

id Description
30011 Microsoft Tagged Image File Format (TIFF) Integer Overflow
17474 MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution

OpenVAS Exploits

id Description
2012-08-15 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
File : nvt/secpod_ms12-060.nasl
2012-07-11 Name : Visual Basic for Applications Remote Code Execution Vulnerability (2707960)
File : nvt/secpod_ms12-046.nasl
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-04-11 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
File : nvt/secpod_ms12-027.nasl
2011-09-14 Name : Microsoft Office Remote Code Execution Vulnerabilites (2587634)
File : nvt/secpod_ms11-073.nasl
2011-04-13 Name : Microsoft Office Remote Code Execution Vulnerabilites (2489293)
File : nvt/secpod_ms11-023.nasl
2011-01-18 Name : Microsoft Products GDI Plus Remote Code Execution Vulnerabilities (954593)
File : nvt/gb_ms08-052.nasl
2010-12-15 Name : Microsoft Office Graphics Filters Remote Code Execution Vulnerabilities (968095)
File : nvt/secpod_ms10-105.nasl
2010-11-10 Name : Microsoft Office Remote Code Execution Vulnerabilites (2423930)
File : nvt/secpod_ms10-087.nasl
2010-10-13 Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
File : nvt/secpod_ms10-083.nasl
2010-09-15 Name : MS Unicode Scripts Processor and MS Office Could Code Execution Vulnerability...
File : nvt/secpod_ms10-063.nasl
2010-06-09 Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
File : nvt/secpod_ms10-036.nasl
2010-05-13 Name : Microsoft Visual Basic Remote Code Execution Vulnerability (978213)
File : nvt/secpod_ms10-031.nasl
2009-10-21 Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl
2009-07-18 Name : Microsoft Office Web Components ActiveX Control Code Execution Vulnerability
File : nvt/gb_ms_office_web_compnts_actvx_code_exec_vuln.nasl
2008-10-15 Name : Microsoft Excel Remote Code Execution Vulnerability (956416)
File : nvt/secpod_ms08-057_900048.nasl
2008-09-10 Name : Microsoft Office Remote Code Execution Vulnerabilities (955047)
File : nvt/secpod_ms08-055_900046.nasl
2008-09-03 Name : Windows Vulnerability in Microsoft Jet Database Engine
File : nvt/win_CVE-2007-6026.nasl
2008-08-19 Name : Microsoft PowerPoint Could Allow Remote Code Execution Vulnerabilities (949785)
File : nvt/secpod_ms08-051_900033.nasl
2008-08-19 Name : Microsoft Excel Could Allow Remote Code Execution Vulnerabilities (954066)
File : nvt/secpod_ms08-043_900028.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2013-A-0225 Microsoft GDI Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042593
2013-B-0126 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0042306
2013-A-0178 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0040289
2013-B-0071 Multiple Vulnerabilities in Microsoft .NET Framework and Silverlight
Severity: Category II - VMSKEY: V0039211
2013-A-0135 Microsoft GDI+ Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0039199
2013-A-0121 Microsoft Office Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0039073
2013-A-0004 Multiple Vulnerabilities in Microsoft XML Core Services
Severity: Category I - VMSKEY: V0036444
2012-A-0132 Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0033659
2012-A-0109 Microsoft Visual Basic for Applications Remote Code Execution Vulnerability
Severity: Category I - VMSKEY: V0033311
2012-A-0059 Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0031982
2011-A-0125 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0030246
2011-A-0045 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0026527
2010-A-0170 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0025855
2010-A-0134 Microsoft Windows COM Validation Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0025530
2009-A-0099 Multiple Vulnerabilities in Microsoft GDI+
Severity: Category I - VMSKEY: V0021759
2009-A-0069 Multiple Vulnerabilities in Microsoft Office Web Components
Severity: Category II - VMSKEY: V0019877
2009-B-0025 Microsoft Works Converter Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0019406
2008-T-0053 WinZip gdiplus.dll Microsoft Module Unspecified Security Vulnerability
Severity: Category II - VMSKEY: V0017532
2008-B-0058 Microsoft Office Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0017345
2008-A-0029 Microsoft Publisher Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0016014
2008-A-0030 Microsoft Jet Database Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0016013
2008-T-0012 Microsoft Visio Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0015942
2008-A-0012 Microsoft Outlook Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0015764

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid unicode access
RuleID : 7877 - Type : WEB-ACTIVEX - Revision : 10
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid access
RuleID : 7876 - Type : BROWSER-PLUGINS - Revision : 18
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access
RuleID : 7873 - Type : WEB-ACTIVEX - Revision : 9
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid access
RuleID : 7872 - Type : BROWSER-PLUGINS - Revision : 17
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2019-10-01 Microsoft Office Excel invalid FRTWrapper record integer underflow attempt
RuleID : 51314 - Type : FILE-OFFICE - Revision : 1
2019-10-01 Microsoft Office Excel invalid FRTWrapper record integer underflow attempt
RuleID : 51313 - Type : FILE-OFFICE - Revision : 1
2019-09-24 Microsoft Office PNG tEXt chunk buffer overflow attempt
RuleID : 51206 - Type : FILE-IMAGE - Revision : 1
2019-09-24 Microsoft Office PNG tEXt chunk buffer overflow attempt
RuleID : 51205 - Type : FILE-IMAGE - Revision : 1
2019-09-24 Microsoft Office PNG tEXt chunk buffer overflow attempt
RuleID : 51204 - Type : FILE-IMAGE - Revision : 1
2019-09-24 Microsoft Office PNG tEXt chunk buffer overflow attempt
RuleID : 51203 - Type : FILE-IMAGE - Revision : 1
2019-09-12 Microsoft VBE6.dll stack corruption attempt
RuleID : 50959 - Type : FILE-OFFICE - Revision : 1
2019-09-05 Microsoft Word malformed css remote code execution attempt
RuleID : 50895 - Type : FILE-OFFICE - Revision : 1
2019-09-05 Microsoft Word malformed css remote code execution attempt
RuleID : 50894 - Type : FILE-OFFICE - Revision : 1
2019-08-27 Microsoft Windows GDI+ interlaced PNG file parsing heap overflow attempt
RuleID : 50798 - Type : FILE-IMAGE - Revision : 1
2019-04-18 Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49496 - Type : FILE-OFFICE - Revision : 1
2019-04-18 Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49494 - Type : FILE-OFFICE - Revision : 1
2018-02-27 Microsoft Office embedded Office Art drawings execution attempt
RuleID : 45557 - Type : FILE-OFFICE - Revision : 1
2018-02-27 Microsoft Office embedded Office Art drawings execution attempt
RuleID : 45556 - Type : FILE-OFFICE - Revision : 1
2017-09-19 RTF obfuscation string
RuleID : 43990 - Type : INDICATOR-OBFUSCATION - Revision : 3
2017-09-19 newlines embedded in rtf header
RuleID : 43989 - Type : INDICATOR-OBFUSCATION - Revision : 3
2017-08-24 Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 43699 - Type : FILE-OFFICE - Revision : 2
2017-08-24 Microsoft Office Excel invalid FRTWrapper record buffer overflow attempt
RuleID : 43698 - Type : FILE-OFFICE - Revision : 2
2017-08-23 Microsoft Office RTF parsing remote code execution attempt
RuleID : 43679 - Type : FILE-OFFICE - Revision : 1
2017-08-23 Microsoft Office RTF parsing remote code execution attempt
RuleID : 43678 - Type : FILE-OFFICE - Revision : 1

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2014-03-10 Name: Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File: smb_kb957488.nasl - Type: ACT_GATHER_INFO
2013-12-11 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-096.nasl - Type: ACT_GATHER_INFO
2013-11-13 Name: The Microsoft Office component installed on the remote host is affected by mu...
File: smb_nt_ms13-091.nasl - Type: ACT_GATHER_INFO
2013-09-11 Name: The Microsoft Office component installed on the remote host is affected by mu...
File: smb_nt_ms13-072.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The .NET Framework install on the remote Windows host could allow arbitrary c...
File: smb_nt_ms13-052.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The Windows kernel on the remote host is affected by multiple vulnerabilities.
File: smb_nt_ms13-053.nasl - Type: ACT_GATHER_INFO
2013-07-10 Name: The remote Windows host has a remote code execution vulnerability.
File: smb_nt_ms13-054.nasl - Type: ACT_GATHER_INFO
2013-06-11 Name: The remote Office install has a buffer overflow vulnerability.
File: smb_nt_ms13-051.nasl - Type: ACT_GATHER_INFO
2013-06-11 Name: An application installed on the remote Mac OS X host is affected by a remote ...
File: macosx_ms13-051.nasl - Type: ACT_GATHER_INFO
2013-01-09 Name: Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File: smb_nt_ms13-002.nasl - Type: ACT_GATHER_INFO
2012-08-15 Name: The remote Windows host has a code execution vulnerability.
File: smb_nt_ms12-060.nasl - Type: ACT_GATHER_INFO
2012-07-11 Name: Arbitrary code can be executed on the remote host through Visual Basic for Ap...
File: smb_nt_ms12-046.nasl - Type: ACT_GATHER_INFO
2012-06-13 Name: Arbitrary code can be executed on the remote host through Microsoft Lync.
File: smb_nt_ms12-039.nasl - Type: ACT_GATHER_INFO
2012-05-09 Name: A multimedia application framework installed on the remote Mac OS X host is a...
File: macosx_ms12-034.nasl - Type: ACT_GATHER_INFO
2012-05-09 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms12-034.nasl - Type: ACT_GATHER_INFO
2012-04-11 Name: The remote Windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms12-027.nasl - Type: ACT_GATHER_INFO
2011-09-14 Name: Arbitrary code can be executed on the remote host through Microsoft Office.
File: smb_nt_ms11-073.nasl - Type: ACT_GATHER_INFO
2011-04-13 Name: Arbitrary code can be executed on the remote host through Microsoft Office.
File: smb_nt_ms11-023.nasl - Type: ACT_GATHER_INFO
2010-12-15 Name: Arbitrary code can be executed on the remote host through the Microsoft Offic...
File: smb_nt_ms10-105.nasl - Type: ACT_GATHER_INFO
2010-11-09 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms_office_nov2010.nasl - Type: ACT_GATHER_INFO
2010-11-09 Name: Arbitrary code can be executed on the remote host through Microsoft Office.
File: smb_nt_ms10-087.nasl - Type: ACT_GATHER_INFO
2010-10-20 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms08-057.nasl - Type: ACT_GATHER_INFO
2010-10-20 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms08-026.nasl - Type: ACT_GATHER_INFO
2010-10-20 Name: An application installed on the remote Mac OS X host is affected by multiple ...
File: macosx_ms_office_aug2008.nasl - Type: ACT_GATHER_INFO
2010-10-13 Name: The remote windows host is affected by a remote code execution vulnerability.
File: smb_nt_ms10-083.nasl - Type: ACT_GATHER_INFO