This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 1999-01-01
Product Office Last view 2020-09-11
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:* 161
cpe:2.3:a:microsoft:office:2004:*:mac:*:*:*:*:* 138
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:* 101
cpe:2.3:a:microsoft:office:xp:sp3:*:*:*:*:*:* 97
cpe:2.3:a:microsoft:office:2008:*:mac:*:*:*:*:* 95
cpe:2.3:a:microsoft:office:2016:*:-:*:-:*:-:* 95
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:* 90
cpe:2.3:a:microsoft:office:2003:sp2:*:*:*:*:*:* 74
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:* 71
cpe:2.3:a:microsoft:office:2000:sp3:*:*:*:*:*:* 70
cpe:2.3:a:microsoft:office:2003:sp3:*:*:*:*:*:* 66
cpe:2.3:a:microsoft:office:2016:*:*:*:click-to-run:*:*:* 47
cpe:2.3:a:microsoft:office:2019:*:*:*:*:macos:*:* 46
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:* 45
cpe:2.3:a:microsoft:office:2019:*:*:*:*:-:*:* 34
cpe:2.3:a:microsoft:office:2007:sp2:*:*:*:*:*:* 32
cpe:2.3:a:microsoft:office:2011:*:mac:*:*:*:*:* 32
cpe:2.3:a:microsoft:office:2010:sp2:x86:*:*:*:*:* 30
cpe:2.3:a:microsoft:office:2010:sp2:x64:*:*:*:*:* 30
cpe:2.3:a:microsoft:office:2000:*:*:*:*:*:*:* 23
cpe:2.3:a:microsoft:office:2003:sp1:*:*:*:*:*:* 22
cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os_x:*:* 22
cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os:*:* 20
cpe:2.3:a:microsoft:office:2007:sp1:*:*:*:*:*:* 19
cpe:2.3:a:microsoft:office:xp:*:*:*:*:*:*:* 19
cpe:2.3:a:microsoft:office:2007:*:*:*:*:*:*:* 19
cpe:2.3:a:microsoft:office:2003:*:*:*:*:*:*:* 18
cpe:2.3:a:microsoft:office:v.x:*:mac:*:*:*:*:* 14
cpe:2.3:a:microsoft:office:2010:sp1:x64:*:*:*:*:* 14
cpe:2.3:a:microsoft:office:2000:sp1:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:office:2000:sp2:*:*:*:*:*:* 12
cpe:2.3:a:microsoft:office:2010:sp1:x86:*:*:*:*:* 12
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:x64:* 12
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:x86:* 12
cpe:2.3:a:microsoft:office:2016:*:*:*:*:macos:*:* 11
cpe:2.3:a:microsoft:office:xp:sp2:*:*:*:*:*:* 10
cpe:2.3:a:microsoft:office:2000:*:*:ja:*:*:*:* 9
cpe:2.3:a:microsoft:office:2000:*:*:ko:*:*:*:* 9
cpe:2.3:a:microsoft:office:2000:*:*:zh:*:*:*:* 9
cpe:2.3:a:microsoft:office:2010:*:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:office:*:*:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:office:xp:sp1:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:office:2010:sp1:*:*:*:*:*:* 8
cpe:2.3:a:microsoft:office:v.x:*:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:office:2016:c2r:*:*:*:*:*:* 7
cpe:2.3:a:microsoft:office:2007:*:gold:*:*:*:*:* 6
cpe:2.3:a:microsoft:office:2001:*:*:*:*:*:*:* 6
cpe:2.3:a:microsoft:office:2013:*:*:*:*:*:*:* 6
cpe:2.3:a:microsoft:office:2007_sp1:*:*:*:*:*:*:* 5
cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac:*:* 5

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
5.5 2020-09-11 CVE-2020-16855

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'.
8.8 2020-09-11 CVE-2020-1594

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1335.
8.8 2020-09-11 CVE-2020-1338

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1218.
8.8 2020-09-11 CVE-2020-1335

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1594.
8.8 2020-09-11 CVE-2020-1332

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1335, CVE-2020-1594.
5.5 2020-09-11 CVE-2020-1224

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
8.8 2020-09-11 CVE-2020-1218

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1338.
8.8 2020-09-11 CVE-2020-1193

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1332, CVE-2020-1335, CVE-2020-1594.
5.5 2020-08-17 CVE-2020-1583

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1503.
7.8 2020-08-17 CVE-2020-1582

A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Remote Code Execution Vulnerability'.
7.8 2020-08-17 CVE-2020-1581

An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory, aka 'Microsoft Office Click-to-Run Elevation of Privilege Vulnerability'.
7.8 2020-08-17 CVE-2020-1563

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Remote Code Execution Vulnerability'.
5.5 2020-08-17 CVE-2020-1503

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1583.
5.5 2020-08-17 CVE-2020-1502

An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1503, CVE-2020-1583.
8.8 2020-08-17 CVE-2020-1498

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1495, CVE-2020-1496, CVE-2020-1504.
5.5 2020-08-17 CVE-2020-1497

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
8.8 2020-08-17 CVE-2020-1496

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1495, CVE-2020-1498, CVE-2020-1504.
8.8 2020-08-17 CVE-2020-1495

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1494, CVE-2020-1496, CVE-2020-1498, CVE-2020-1504.
8.8 2020-08-17 CVE-2020-1494

A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1495, CVE-2020-1496, CVE-2020-1498, CVE-2020-1504.
5.5 2020-08-17 CVE-2020-1493

An information disclosure vulnerability exists when attaching files to Outlook messages, aka 'Microsoft Outlook Information Disclosure Vulnerability'.
8.8 2020-08-17 CVE-2020-1483

A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory, aka 'Microsoft Outlook Memory Corruption Vulnerability'.
7.8 2020-07-14 CVE-2020-1449

A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file, aka 'Microsoft Project Remote Code Execution Vulnerability'.
8.8 2020-07-14 CVE-2020-1448

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.
8.8 2020-07-14 CVE-2020-1447

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.
8.8 2020-07-14 CVE-2020-1446

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.

CWE : Common Weakness Enumeration

%idName
35% (153) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
19% (83) CWE-94 Failure to Control Generation of Code ('Code Injection')
10% (45) CWE-200 Information Exposure
10% (43) CWE-20 Improper Input Validation
7% (33) CWE-399 Resource Management Errors
3% (17) CWE-189 Numeric Errors
3% (13) CWE-264 Permissions, Privileges, and Access Controls
2% (11) CWE-787 Out-of-bounds Write
2% (9) CWE-125 Out-of-bounds Read
1% (7) CWE-19 Data Handling
0% (3) CWE-79 Failure to Preserve Web Page Structure ('Cross-site Scripting')
0% (2) CWE-284 Access Control (Authorization) Issues
0% (2) CWE-254 Security Features
0% (1) CWE-732 Incorrect Permission Assignment for Critical Resource
0% (1) CWE-665 Improper Initialization
0% (1) CWE-601 URL Redirection to Untrusted Site ('Open Redirect')
0% (1) CWE-416 Use After Free
0% (1) CWE-346 Origin Validation Error
0% (1) CWE-269 Improper Privilege Management
0% (1) CWE-255 Credentials Management

CAPEC : Common Attack Pattern Enumeration & Classification

id Name
CAPEC-8 Buffer Overflow in an API Call
CAPEC-9 Buffer Overflow in Local Command-Line Utilities
CAPEC-10 Buffer Overflow via Environment Variables
CAPEC-14 Client-side Injection-induced Buffer Overflow
CAPEC-24 Filter Failure through Buffer Overflow
CAPEC-26 Leveraging Race Conditions
CAPEC-29 Leveraging Time-of-Check and Time-of-Use (TOCTOU) Race Conditions
CAPEC-38 Leveraging/Manipulating Configuration File Search Paths
CAPEC-41 Using Meta-characters in E-mail Headers to Inject Malicious Payloads
CAPEC-42 MIME Conversion
CAPEC-44 Overflow Binary Resource File
CAPEC-45 Buffer Overflow via Symbolic Links
CAPEC-46 Overflow Variables and Tags
CAPEC-47 Buffer Overflow via Parameter Expansion
CAPEC-88 OS Command Injection
CAPEC-100 Overflow Buffers
CAPEC-133 Try All Common Application Switches and Options
CAPEC-172 Time and State Attacks

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:2671 Windows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 2)
oval:org.mitre.oval:def:1332 Windows 2000 Certificate Validation Identity Spoofing Vulnerability (Test 1)
oval:org.mitre.oval:def:1056 Microsoft Certificate Validation Flaw Identity Spoofing Vulnerability
oval:org.mitre.oval:def:843 MS Outlook Argument Injection Local Vulnerability
oval:org.mitre.oval:def:4307 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002)
oval:org.mitre.oval:def:4216 GDI+ JPEG Parsing Engine Buffer Overflow (IE6)
oval:org.mitre.oval:def:4003 GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP)
oval:org.mitre.oval:def:3881 GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2)
oval:org.mitre.oval:def:3810 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003)
oval:org.mitre.oval:def:3320 GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003
oval:org.mitre.oval:def:3082 GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002)
oval:org.mitre.oval:def:3038 GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1)
oval:org.mitre.oval:def:2706 GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003)
oval:org.mitre.oval:def:1721 GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003)
oval:org.mitre.oval:def:1105 GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003)
oval:org.mitre.oval:def:4005 Office XP, SP2 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:3333 Office XP, SP3 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:3311 Office 2003 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:2670 Office 2000 WordPerfect Converter Buffer Overflow
oval:org.mitre.oval:def:4226 Excel 2002 File Handler Code Execution Vulnerability
oval:org.mitre.oval:def:2673 Excel 2000 File Handler Code Execution Vulnerability
oval:org.mitre.oval:def:4022 Office XP URL Buffer Overflow
oval:org.mitre.oval:def:2738 Microsoft Office Visio Professional URL Buffer Overflow
oval:org.mitre.oval:def:2348 Windows Project Professional URL Buffer Overflow
oval:org.mitre.oval:def:1538 Win2K/XP,SP1 DDS Library Shape Control Buffer Overflow

SAINT Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Description Link
Microsoft Jet Engine MDB file ColumnName buffer overflow More info here
Microsoft Office Excel PivotTable Cache Data Record Handling Overflow More info here
Microsoft Excel FORMAT record array index memory corruption More info here
Microsoft Office Word RTF Parsing Engine Memory Corruption More info here
Microsoft PowerPoint OEPlaceholderAtom placementId memory corruption More info here
Microsoft Excel PALETTE record buffer overflow More info here
Microsoft Excel Substream Parsing Integer Overflow More info here
Microsoft Excel Data Validation Record Parsing Overflow More info here
Microsoft Excel Named Graph record buffer overflow More info here
Microsoft Excel DbOrParamQry memory corruption More info here
Microsoft Office Drawing Shapes memory corruption vulnerability More info here
Microsoft Excel formula parsing integer overflow More info here
Microsoft Works File Converter FontName buffer overflow More info here
Microsoft Excel conditional formatting vulnerability More info here
Microsoft Office PNG File Handling Buffer Overflow More info here
Microsoft Windows Common Controls MSCOMCTL.OCX Vulnerability More info here
Microsoft Excel Drawing Exception Handling vulnerability More info here
MS Office Word malformed Sprm record buffer overflow More info here
Microsoft Office RTF pFragments Property Stack Buffer Overflow More info here
Microsoft Office Web Components OWC.Spreadsheet Evaluate method vulnerability More info here
Microsoft Works File Converter index table vulnerability More info here
Microsoft PowerPoint Floating Point Techno-color Time Bandit vulnerability More info here
Microsoft Office FlashPix Image Converter Dictionary property buffer overflow More info here
Microsoft Excel BIFF format Qsir record memory corruption More info here
Microsoft Word and WordPad RTF HTA handler command execution More info here

Open Source Vulnerability Database (OSVDB)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
77664 Microsoft Office PowerPoint OfficeArt Shape Record PowerPoint File Handling R...
77661 Microsoft Office Excel Record Parsing Object Handling Remote Memory Corruption
77659 Microsoft Office Use-after-free Border Property Word Document Handling Remote...
75387 Microsoft Office Excel Unspecified Signedness Error Excel File Handling Memor...
75386 Microsoft Office Excel Unspecified Conditional Expression Parsing Excel File ...
75385 Microsoft Office Excel Unspecified Excel File Record Handling Memory Corruption
75384 Microsoft Office Excel Unspecified Array-Indexing Weakness Excel File Handlin...
75380 Microsoft Office MSO.dll Object Pointer Dereference Word Document Handling Re...
75379 Microsoft Office MSO.dll Path Subversion Arbitrary DLL Injection Code Execution
72927 Microsoft Office Excel Out of Bounds WriteAV Unspecified Arbitrary Code Execu...
72926 Microsoft Office Excel WriteAV Unspecified Arbitrary Code Execution
72925 Microsoft Office Excel File Handling Unspecified Memory Corruption
72924 Microsoft Office Excel File Handling Unspecified Buffer Overflow
72923 Microsoft Office Excel Unspecified Memory Heap Overwrite Arbitrary Code Execu...
72922 Microsoft Office Excel Out of Bounds Array Access Unspecified Arbitrary Code ...
72921 Microsoft Office Excel Improper Record Parsing Unspecified Arbitrary Code Exe...
72920 Microsoft Office Excel Insufficient Record Validation Unspecified Arbitrary C...
72235 Microsoft Office PowerPoint File Handling Unspecified Memory Corruption
71779 Microsoft Windows/Office GDI+ (gdiplus.dll) EMF File Processing Overflow
71771 Microsoft Office PowerPoint TimeColorBehaviorContainer (Techno-color Time Ban...
71770 Microsoft Office PowerPoint PersistDirectoryEntry Processing Remote Code Exec...
71767 Microsoft Office Path Subversion Arbitrary DLL Injection Code Execution
71765 Microsoft Office Excel File Validation Record Handling Overflow
71764 Microsoft Office Excel File Handling Dangling Pointer Remote Code Execution
71763 Microsoft Office Excel File Handling Linked List Corruption Remote Code Execu...

ExploitDB Exploits

id Description
32793 MS14-017 Microsoft Word RTF Object Confusion
30011 Microsoft Tagged Image File Format (TIFF) Integer Overflow
28198 Microsoft Office 2000/2002 Property Code Execution Vulnerability
18894 Windows XP Keyboard Layouts Pool Corruption LPE 0day PoC (post-MS12-034)
18143 MS11-038 Microsoft Office Excel Malformed OBJ Record Handling Overflow
18087 MS11-021 Microsoft Office 2007 Excel .xlb Buffer Overflow
17643 Excel SLYK Format Parsing Buffer Overrun Vulnerability PoC
17544 GDI+ CreateDashedPath Integer overflow in gdiplus.dll
17474 MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit
17227 Microsoft Office Excel Axis Properties Record Parsing Buffer Overflow PoC
15158 MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution
15148 MOAUB #29 - Microsoft Excel SxView Record Parsing Heap Memory Corruption
15094 MOAUB #24 - Microsoft Excel OBJ Record Stack Overflow
15065 MOAUB #21 - Microsoft Excel WOPT Record Parsing Heap Memory Corruption
15019 MOAUB #16 - Microsoft Excel HFPicture Record Parsing Remote Code Execution Vu...
14971 MOAUB #11 - Microsoft Office Word 2007 sprmCMajority Buffer Overflow
14706 MS Excel Malformed FEATHEADER Record Exploit (MS09-067)
14361 Microsoft Excel 0x5D record Stack Overflow Vulnerability

OpenVAS Exploits

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2012-11-14 Name : Microsoft Office Remote Code Execution Vulnerabilities (2720184)
File : nvt/secpod_ms12-076.nasl
2012-11-14 Name : Microsoft Office Remote Code Execution Vulnerabilities - 2720184 (Mac OS X)
File : nvt/secpod_ms12-076_macosx.nasl
2012-11-08 Name : Microsoft Office Excel ReadAV Arbitrary Code Execution Vulnerability
File : nvt/secpod_ms_office_excel_readav_code_exec_vuln.nasl
2012-08-15 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
File : nvt/secpod_ms12-060.nasl
2012-08-15 Name : Microsoft Office Remote Code Execution Vulnerability (2731879)
File : nvt/secpod_ms12-057.nasl
2012-07-11 Name : Microsoft Office Privilege Elevation Vulnerability - 2721015 (Mac OS X)
File : nvt/secpod_ms12-051_macosx.nasl
2012-07-11 Name : Visual Basic for Applications Remote Code Execution Vulnerability (2707960)
File : nvt/secpod_ms12-046.nasl
2012-06-13 Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
2012-05-14 Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09 Name : Microsoft Office Word Remote Code Execution Vulnerability-2680352 (Mac OS X)
File : nvt/secpod_ms12-029_macosx.nasl
2012-05-09 Name : Microsoft Office Word Remote Code Execution Vulnerability (2680352)
File : nvt/secpod_ms12-029.nasl
2012-05-09 Name : Microsoft Office Remote Code Execution Vulnerabilities (2663830)
File : nvt/secpod_ms12-030.nasl
2012-05-09 Name : Microsoft Office Remote Code Execution Vulnerabilities-2663830 (Mac OS X)
File : nvt/secpod_ms12-030_macosx.nasl
2012-05-09 Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-04-11 Name : Microsoft Office Remote Code Execution Vulnerability (2639185)
File : nvt/secpod_ms12-028.nasl
2012-04-11 Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
File : nvt/secpod_ms12-027.nasl
2011-12-14 Name : Microsoft Office Excel Remote Code Execution Vulnerability (2640241)
File : nvt/secpod_ms11-096.nasl
2011-12-14 Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2639142)
File : nvt/secpod_ms11-094.nasl
2011-12-14 Name : Microsoft Office Remote Code Execution Vulnerability (2590602)
File : nvt/secpod_ms11-089.nasl
2011-09-14 Name : Microsoft Office Remote Code Execution Vulnerabilites (2587634)
File : nvt/secpod_ms11-073.nasl
2011-09-14 Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
File : nvt/secpod_ms11-072.nasl
2011-08-11 Name : Microsoft Windows Insecure Library Loading Vulnerability (2269637)
File : nvt/gb_ms_insecure_lib_loading_vuln.nasl
2011-06-15 Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2537146)
File : nvt/secpod_ms11-045.nasl
2011-05-11 Name : Microsoft Office PowerPoint Remote Code Execution Vulnerabilities (2545814)
File : nvt/secpod_ms11-036.nasl
2011-04-13 Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2489279)
File : nvt/secpod_ms11-021.nasl

Information Assurance Vulnerability Management (IAVM)

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2015-A-0214 Multiple Vulnerabilities in Microsoft Office (MS15-099)
Severity: Category II - VMSKEY: V0061389
2015-A-0212 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-097)
Severity: Category II - VMSKEY: V0061385
2015-A-0197 Microsoft Command Line Parameter Information Disclosure Vulnerability (MS15-088)
Severity: Category II - VMSKEY: V0061313
2015-A-0196 Multiple Vulnerabilities in Microsoft Graphics Component (MS15-080)
Severity: Category II - VMSKEY: V0061311
2015-A-0194 Multiple Vulnerabilities in Microsoft Office (MS15-081)
Severity: Category II - VMSKEY: V0061307
2015-A-0188 Cumulative Security Update for Microsoft Internet Explorer (MS15-079)
Severity: Category I - VMSKEY: V0061297
2015-A-0163 Multiple Vulnerabilities in Microsoft Office (MS15-070)
Severity: Category II - VMSKEY: V0061121
2015-B-0071 Multiple Vulnerabilities in Microsoft Office (MS15-059)
Severity: Category II - VMSKEY: V0060957
2015-A-0103 Multiple Vulnerabilities in Microsoft Office Products (MS15-046)
Severity: Category II - VMSKEY: V0060643
2015-A-0090 Multiple Vulnerabilities in Microsoft Office (MS15-033)
Severity: Category II - VMSKEY: V0059895
2015-A-0052 Multiple Vulnerabilities in Microsoft Office (MS15-022)
Severity: Category II - VMSKEY: V0058999
2015-B-0018 Microsoft Office Security Feature Bypass Vulnerability (MS15-013)
Severity: Category II - VMSKEY: V0058757
2015-A-0037 Multiple Remote Code Execution Vulnerabilities in Microsoft Office (MS15-012)
Severity: Category II - VMSKEY: V0058751
2014-A-0187 Microsoft Office Remote Code Execution Vulnerability (MS14-082)
Severity: Category II - VMSKEY: V0057707
2014-A-0190 Microsoft Word and Office Remote Code Execution Vulnerability (MS14-081)
Severity: Category II - VMSKEY: V0057701
2014-A-0179 Microsoft Input Method Editor (IME) Privilege Escalation Vulnerability
Severity: Category I - VMSKEY: V0057395
2014-B-0058 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0050431
2014-B-0057 Microsoft Common Control Security Feature Bypass Vulnerability
Severity: Category II - VMSKEY: V0050451
2014-A-0049 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0048675
2013-A-0225 Microsoft GDI Remote Code Execution Vulnerability
Severity: Category II - VMSKEY: V0042593
2013-B-0134 Microsoft Office Information Disclosure Vulnerability
Severity: Category II - VMSKEY: V0042589
2013-B-0135 Microsoft Office Security Bypass Vulnerability
Severity: Category II - VMSKEY: V0042585
2013-B-0126 Multiple Vulnerabilities in Microsoft Office
Severity: Category II - VMSKEY: V0042306
2013-B-0114 Multiple Vulnerabilities in Microsoft Office Excel
Severity: Category II - VMSKEY: V0040757
2013-B-0116 Microsoft SharePoint Remote Code Execution Vulnerabilities
Severity: Category II - VMSKEY: V0040765

Snort® IPS/IDS

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
Date Description
2014-01-10 Microsoft Office Outlook Saved Search download attempt
RuleID : 9847 - Type : FILE-OFFICE - Revision : 14
2014-01-10 Microsoft Office Outlook VEVENT overflow attempt
RuleID : 9841 - Type : SERVER-MAIL - Revision : 18
2014-01-10 Microsoft Office Publisher file magic detected
RuleID : 8478 - Type : FILE-IDENTIFY - Revision : 19
2014-01-10 Microsoft Office GIF image descriptor memory corruption attempt
RuleID : 8414 - Type : FILE-OFFICE - Revision : 16
2014-01-10 pub file download
RuleID : 8350 - Type : WEB-CLIENT - Revision : 4
2014-01-10 Microsoft Forms 2.0 ComboBox ActiveX CLSID unicode access
RuleID : 7955 - Type : WEB-ACTIVEX - Revision : 7
2014-01-10 Microsoft Forms 2.0 ComboBox ActiveX clsid access
RuleID : 7954 - Type : BROWSER-PLUGINS - Revision : 12
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid unicode access
RuleID : 7877 - Type : WEB-ACTIVEX - Revision : 10
2014-01-10 Microsoft Office Data Source Control 10.0 ActiveX clsid access
RuleID : 7876 - Type : BROWSER-PLUGINS - Revision : 18
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid unicode access
RuleID : 7873 - Type : WEB-ACTIVEX - Revision : 9
2014-01-10 Microsoft Office Spreadsheet 10.0 ActiveX clsid access
RuleID : 7872 - Type : BROWSER-PLUGINS - Revision : 17
2014-01-10 Microsoft Office Data Source Control 9.0 ActiveX clsid unicode access
RuleID : 7871 - Type : WEB-ACTIVEX - Revision : 11
2014-01-10 Microsoft Office Data Source Control 9.0 ActiveX clsid access
RuleID : 7870 - Type : BROWSER-PLUGINS - Revision : 16
2014-01-10 Microsoft Office Word information string overflow attempt
RuleID : 7203 - Type : FILE-OFFICE - Revision : 18
2014-01-10 Microsoft Office Word document summary information string overflow attempt
RuleID : 7202 - Type : FILE-OFFICE - Revision : 16
2014-01-10 Microsoft Office Word summary information null string overflow attempt
RuleID : 7201 - Type : FILE-OFFICE - Revision : 11
2014-01-10 Microsoft Office Word document summary information null string overflow attempt
RuleID : 7200 - Type : FILE-OFFICE - Revision : 11
2014-01-10 Microsoft Office Excel MSO.DLL malformed string parsing multi byte buffer ove...
RuleID : 7198 - Type : FILE-OFFICE - Revision : 10
2014-01-10 Microsoft Office Excel MSO.DLL malformed string parsing single byte buffer ov...
RuleID : 7197 - Type : FILE-OFFICE - Revision : 17
2014-01-10 Microsoft Office Excel url unicode overflow attempt
RuleID : 7002 - Type : FILE-OFFICE - Revision : 20
2014-01-10 Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2020-09-02 Microsoft Office Equation Editor stack buffer overflow attempt
RuleID : 54621 - Type : FILE-OFFICE - Revision : 1
2020-09-02 Microsoft Office Equation Editor stack buffer overflow attempt
RuleID : 54620 - Type : FILE-OFFICE - Revision : 1
2020-03-13 Malicious HTML application download attempt
RuleID : 53090 - Type : MALWARE-TOOLS - Revision : 1
2020-01-16 Microsoft Word internal OLE object update attempt
RuleID : 52482 - Type : INDICATOR-COMPROMISE - Revision : 1

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2018-12-13 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_dec_office.nasl - Type: ACT_GATHER_INFO
2018-11-14 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_nov_office.nasl - Type: ACT_GATHER_INFO
2018-10-22 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_oct_office.nasl - Type: ACT_GATHER_INFO
2018-09-11 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_sep_office.nasl - Type: ACT_GATHER_INFO
2018-08-14 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_aug_office.nasl - Type: ACT_GATHER_INFO
2018-07-10 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_jul_office.nasl - Type: ACT_GATHER_INFO
2018-05-21 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_may_office.nasl - Type: ACT_GATHER_INFO
2018-03-13 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_mar_office.nasl - Type: ACT_GATHER_INFO
2018-01-19 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macos_ms18_jan_office.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms17_dec_office.nasl - Type: ACT_GATHER_INFO
2017-12-12 Name: The Microsoft Office Products are missing a security update.
File: smb_nt_ms17_dec_office.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The Microsoft Office Products are affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_office.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The Microsoft Office Products are affected by multiple vulnerabilities.
File: smb_nt_ms17_nov_office_compatibility.nasl - Type: ACT_GATHER_INFO
2017-11-14 Name: The Microsoft Word Products are missing a security update.
File: smb_nt_ms17_nov_word.nasl - Type: ACT_GATHER_INFO
2017-11-03 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038781.nasl - Type: ACT_GATHER_INFO
2017-10-20 Name: The remote Windows host is affected by an information disclosure vulnerability.
File: smb_nt_ms17_apr_4014793.nasl - Type: ACT_GATHER_INFO
2017-10-11 Name: The Microsoft Office Products are affected by multiple vulnerabilities.
File: smb_nt_ms17_oct_office.nasl - Type: ACT_GATHER_INFO
2017-10-11 Name: The Microsoft Sharepoint Server installation on the remote host is affected b...
File: smb_nt_ms17_oct_office_sharepoint.nasl - Type: ACT_GATHER_INFO
2017-10-11 Name: An application installed on the remote Windows host is affected by multiple r...
File: smb_nt_ms17_oct_office_web.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms17_oct_office.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: Microsoft Office Compatibility Pack SP3 is affected by a remote code executio...
File: smb_nt_ms17_oct_office_compatibility.nasl - Type: ACT_GATHER_INFO
2017-10-10 Name: The Microsoft Office Products are missing a security update.
File: smb_nt_ms17_oct_word_viewer.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: An application installed on the remote macOS or Mac OS X host is affected by ...
File: macosx_ms17_sep_office.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038777.nasl - Type: ACT_GATHER_INFO
2017-09-12 Name: The remote Windows host is affected by multiple vulnerabilities.
File: smb_nt_ms17_sep_4038782.nasl - Type: ACT_GATHER_INFO