Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2016-06-15 |
| Product | Office Online Server | Last view | 2022-06-15 |
| Version | - | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:office_online_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 5.5 | 2022-06-15 | CVE-2022-30172 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30171. |
| 5.5 | 2022-06-15 | CVE-2022-30171 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30159, CVE-2022-30172. |
| 5.5 | 2022-06-15 | CVE-2022-30159 | Microsoft Office Information Disclosure Vulnerability. This CVE ID is unique from CVE-2022-30171, CVE-2022-30172. |
| 7.8 | 2022-05-10 | CVE-2022-29109 | Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-29110. |
| 7.8 | 2022-04-15 | CVE-2022-26901 | Microsoft Excel Remote Code Execution Vulnerability. This CVE ID is unique from CVE-2022-24473. |
| 5.5 | 2022-02-09 | CVE-2022-22716 | Microsoft Excel Information Disclosure Vulnerability. |
| 8.8 | 2022-01-11 | CVE-2022-21840 | Microsoft Office Remote Code Execution Vulnerability. |
| 7.8 | 2021-12-15 | CVE-2021-43256 | Microsoft Excel Remote Code Execution Vulnerability |
| 7.8 | 2021-11-10 | CVE-2021-40442 | Microsoft Excel Remote Code Execution Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40486 | Microsoft Word Remote Code Execution Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40485 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479. |
| 7.8 | 2021-10-13 | CVE-2021-40474 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40479, CVE-2021-40485. |
| 5.5 | 2021-10-13 | CVE-2021-40472 | Microsoft Excel Information Disclosure Vulnerability |
| 7.8 | 2021-09-15 | CVE-2021-38655 | Microsoft Excel Remote Code Execution Vulnerability |
| 5.3 | 2021-07-16 | CVE-2021-34451 | Microsoft Office Online Server Spoofing Vulnerability |
| 8.8 | 2021-07-14 | CVE-2021-34501 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34518. |
| 7.8 | 2021-06-08 | CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31179 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31177. |
| 5.5 | 2021-05-11 | CVE-2021-31178 | Microsoft Office Information Disclosure Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31177 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31179. |
| 7.8 | 2021-05-11 | CVE-2021-31176 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31177, CVE-2021-31179. |
| 7.8 | 2021-05-11 | CVE-2021-31175 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179. |
| 5.5 | 2021-05-11 | CVE-2021-31174 | Microsoft Excel Information Disclosure Vulnerability |
| 5.5 | 2021-04-13 | CVE-2021-28456 | Microsoft Excel Information Disclosure Vulnerability |
| 7.8 | 2021-04-13 | CVE-2021-28454 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28451. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 33% (7) | CWE-416 | Use After Free |
| 19% (4) | CWE-346 | Origin Validation Error |
| 9% (2) | CWE-125 | Out-of-bounds Read |
| 4% (1) | CWE-787 | Out-of-bounds Write |
| 4% (1) | CWE-668 | Exposure of Resource to Wrong Sphere |
| 4% (1) | CWE-200 | Information Exposure |
| 4% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
| 4% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 4% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 4% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 4% (1) | CWE-20 | Improper Input Validation |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-07-13 | Microsoft Office Word mso.dll subcomponent use after free attempt RuleID : 39222 - Type : FILE-OFFICE - Revision : 2 |
| 2016-07-13 | Microsoft Office Word mso.dll subcomponent use after free attempt RuleID : 39221 - Type : FILE-OFFICE - Revision : 2 |
| 2015-08-14 | Microsoft Office Word sprmPItap heap corruption attempt RuleID : 35191 - Type : FILE-OFFICE - Revision : 3 |
| 2015-08-14 | Microsoft Office Word sprmPItap heap corruption attempt RuleID : 35190 - Type : FILE-OFFICE - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-06-15 | Name: An application installed on the remote Mac OS X host is affected by a remote ... File: macosx_ms16-070_office.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-070.nasl - Type: ACT_GATHER_INFO |
