Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2016-06-15 |
| Product | Office Online Server | Last view | 2021-10-13 |
| Version | - | Type | Application |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:office_online_server | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2021-10-13 | CVE-2021-40486 | Microsoft Word Remote Code Execution Vulnerability |
| 7.8 | 2021-10-13 | CVE-2021-40485 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40474, CVE-2021-40479. |
| 7.8 | 2021-10-13 | CVE-2021-40474 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-40471, CVE-2021-40473, CVE-2021-40479, CVE-2021-40485. |
| 5.5 | 2021-10-13 | CVE-2021-40472 | Microsoft Excel Information Disclosure Vulnerability |
| 7.8 | 2021-09-15 | CVE-2021-38655 | Microsoft Excel Remote Code Execution Vulnerability |
| 5.3 | 2021-07-16 | CVE-2021-34451 | Microsoft Office Online Server Spoofing Vulnerability |
| 8.8 | 2021-07-14 | CVE-2021-34501 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-34518. |
| 7.8 | 2021-06-08 | CVE-2021-31939 | Microsoft Excel Remote Code Execution Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31179 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31177. |
| 5.5 | 2021-05-11 | CVE-2021-31178 | Microsoft Office Information Disclosure Vulnerability |
| 7.8 | 2021-05-11 | CVE-2021-31177 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31176, CVE-2021-31179. |
| 7.8 | 2021-05-11 | CVE-2021-31176 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31175, CVE-2021-31177, CVE-2021-31179. |
| 7.8 | 2021-05-11 | CVE-2021-31175 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-31176, CVE-2021-31177, CVE-2021-31179. |
| 5.5 | 2021-05-11 | CVE-2021-31174 | Microsoft Excel Information Disclosure Vulnerability |
| 5.5 | 2021-04-13 | CVE-2021-28456 | Microsoft Excel Information Disclosure Vulnerability |
| 7.8 | 2021-04-13 | CVE-2021-28454 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28451. |
| 7.8 | 2021-04-13 | CVE-2021-28453 | Microsoft Word Remote Code Execution Vulnerability |
| 7.8 | 2021-04-13 | CVE-2021-28451 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-28454. |
| 7.8 | 2021-03-11 | CVE-2021-27057 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24108, CVE-2021-27059. |
| 7.8 | 2021-03-11 | CVE-2021-27054 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27053. |
| 7.8 | 2021-03-11 | CVE-2021-27053 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27054. |
| 7.8 | 2021-02-25 | CVE-2021-24070 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069. |
| 7.8 | 2021-02-25 | CVE-2021-24069 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070. |
| 7.8 | 2021-02-25 | CVE-2021-24067 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070. |
| 7.8 | 2021-01-12 | CVE-2021-1716 | Microsoft Word Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-1715. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 36% (7) | CWE-416 | Use After Free |
| 21% (4) | CWE-346 | Origin Validation Error |
| 15% (3) | CWE-200 | Information Exposure |
| 5% (1) | CWE-787 | Out-of-bounds Write |
| 5% (1) | CWE-125 | Out-of-bounds Read |
| 5% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 5% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 5% (1) | CWE-20 | Improper Input Validation |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-07-13 | Microsoft Office Word mso.dll subcomponent use after free attempt RuleID : 39222 - Type : FILE-OFFICE - Revision : 2 |
| 2016-07-13 | Microsoft Office Word mso.dll subcomponent use after free attempt RuleID : 39221 - Type : FILE-OFFICE - Revision : 2 |
| 2015-08-14 | Microsoft Office Word sprmPItap heap corruption attempt RuleID : 35191 - Type : FILE-OFFICE - Revision : 3 |
| 2015-08-14 | Microsoft Office Word sprmPItap heap corruption attempt RuleID : 35190 - Type : FILE-OFFICE - Revision : 3 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-06-15 | Name: An application installed on the remote Mac OS X host is affected by a remote ... File: macosx_ms16-070_office.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-070.nasl - Type: ACT_GATHER_INFO |
