Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2015-04-14 |
| Product | Office Web Apps | Last view | 2021-09-15 |
| Version | 2013 | Type | Application |
| Update | sp1 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:office_web_apps | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2021-09-15 | CVE-2021-38655 | Microsoft Excel Remote Code Execution Vulnerability |
| 7.8 | 2021-03-11 | CVE-2021-27057 | Microsoft Office Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24108, CVE-2021-27059. |
| 7.8 | 2021-03-11 | CVE-2021-27054 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27053. |
| 7.8 | 2021-03-11 | CVE-2021-27053 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-27054. |
| 7.8 | 2021-02-25 | CVE-2021-24070 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24069. |
| 7.8 | 2021-02-25 | CVE-2021-24069 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24068, CVE-2021-24070. |
| 7.8 | 2021-02-25 | CVE-2021-24068 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24067, CVE-2021-24069, CVE-2021-24070. |
| 7.8 | 2021-02-25 | CVE-2021-24067 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2021-24068, CVE-2021-24069, CVE-2021-24070. |
| 7.8 | 2020-12-10 | CVE-2020-17129 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128. |
| 7.8 | 2020-12-10 | CVE-2020-17128 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17125, CVE-2020-17127, CVE-2020-17129. |
| 5.5 | 2020-12-10 | CVE-2020-17126 | Microsoft Excel Information Disclosure Vulnerability |
| 7.8 | 2020-12-10 | CVE-2020-17125 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17123, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129. |
| 7.8 | 2020-12-10 | CVE-2020-17123 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17122, CVE-2020-17125, CVE-2020-17127, CVE-2020-17128, CVE-2020-17129. |
| 7.8 | 2020-11-11 | CVE-2020-17065 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17064, CVE-2020-17066. |
| 7.8 | 2020-11-11 | CVE-2020-17064 | Microsoft Excel Remote Code Execution Vulnerability This CVE ID is unique from CVE-2020-17019, CVE-2020-17065, CVE-2020-17066. |
| 7.8 | 2020-10-16 | CVE-2020-16932 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16929, CVE-2020-16930, CVE-2020-16931. |
| 7.8 | 2020-10-16 | CVE-2020-16931 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16929, CVE-2020-16930, CVE-2020-16932. |
| 7.8 | 2020-10-16 | CVE-2020-16929 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-16930, CVE-2020-16931, CVE-2020-16932. |
| 8.8 | 2020-09-11 | CVE-2020-1335 | A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1193, CVE-2020-1332, CVE-2020-1594. |
| 5.5 | 2020-09-11 | CVE-2020-1224 | An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'. |
| 8.8 | 2020-09-11 | CVE-2020-1218 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1338. |
| 5.5 | 2020-08-17 | CVE-2020-1583 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1503. |
| 5.5 | 2020-08-17 | CVE-2020-1503 | An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory, aka 'Microsoft Word Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1502, CVE-2020-1583. |
| 8.8 | 2020-07-14 | CVE-2020-1448 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447. |
| 8.8 | 2020-07-14 | CVE-2020-1447 | A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (4) | CWE-416 | Use After Free |
| 18% (3) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 18% (3) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 12% (2) | CWE-125 | Out-of-bounds Read |
| 6% (1) | CWE-787 | Out-of-bounds Write |
| 6% (1) | CWE-399 | Resource Management Errors |
| 6% (1) | CWE-200 | Information Exposure |
| 6% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0090 | Multiple Vulnerabilities in Microsoft Office (MS15-033) Severity: Category II - VMSKEY: V0059895 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-03-05 | Microsoft Office XML nested num tag double-free attempt RuleID : 49049 - Type : FILE-OFFICE - Revision : 1 |
| 2019-03-05 | Microsoft Office XML nested num tag double-free attempt RuleID : 49048 - Type : FILE-OFFICE - Revision : 1 |
| 2019-01-15 | Microsoft Office Powerpoint use after free attempt RuleID : 48602 - Type : FILE-OFFICE - Revision : 2 |
| 2019-01-15 | Microsoft Office Powerpoint use after free attempt RuleID : 48601 - Type : FILE-OFFICE - Revision : 2 |
| 2018-06-07 | Microsoft Office Outlook HTML acronym tag memory corruption attempt RuleID : 46602 - Type : FILE-OFFICE - Revision : 3 |
| 2018-06-07 | Microsoft Office Outlook HTML acronym tag memory corruption attempt RuleID : 46601 - Type : FILE-OFFICE - Revision : 3 |
| 2018-05-10 | Microsoft Office Excel graphics remote code execution attempt RuleID : 46183 - Type : FILE-OFFICE - Revision : 1 |
| 2018-05-10 | Microsoft Office Excel graphics remote code execution attempt RuleID : 46182 - Type : FILE-OFFICE - Revision : 1 |
| 2018-04-11 | Microsoft Office RTF listoverride memory corruption attempt RuleID : 45880 - Type : FILE-OFFICE - Revision : 2 |
| 2018-04-11 | Microsoft Office RTF listoverride memory corruption attempt RuleID : 45879 - Type : FILE-OFFICE - Revision : 2 |
| 2017-10-17 | Microsoft Office RTF hex encoded WRAssembly ASLR bypass download attempt RuleID : 44364 - Type : FILE-OFFICE - Revision : 2 |
| 2017-10-17 | Microsoft Office RTF hex encoded WRAsembly ASLR bypass download attempt RuleID : 44363 - Type : FILE-OFFICE - Revision : 2 |
| 2017-03-14 | Microsoft Office Excel xlsb use-after-free attempt RuleID : 41566 - Type : FILE-OFFICE - Revision : 5 |
| 2017-03-14 | Microsoft Office Excel xlsb use-after-free attempt RuleID : 41565 - Type : FILE-OFFICE - Revision : 5 |
| 2016-12-06 | Microsoft Office Word out of bounds memory read attempt RuleID : 40702 - Type : FILE-OFFICE - Revision : 3 |
| 2016-12-06 | Microsoft Office Word out of bounds memory read attempt RuleID : 40701 - Type : FILE-OFFICE - Revision : 3 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRLoader CLSID ASLR bypass download attempt RuleID : 40635 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRAssembly CLSID ASLR bypass download attempt RuleID : 40634 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRLoader CLSID ASLR bypass download attempt RuleID : 40633 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRAssembly CLSID ASLR bypass download attempt RuleID : 40632 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded wrLoader ASLR bypass download attempt RuleID : 40631 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRLoader ASLR bypass download attempt RuleID : 40630 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRAssembly ASLR bypass download attempt RuleID : 40629 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF hex encoded WRAsembly ASLR bypass download attempt RuleID : 40628 - Type : FILE-OFFICE - Revision : 2 |
| 2016-12-06 | Microsoft Office RTF WRLoader CLSID ASLR bypass download attempt RuleID : 40627 - Type : FILE-OFFICE - Revision : 2 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-12-13 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_dec_office.nasl - Type: ACT_GATHER_INFO |
| 2017-05-19 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17_may_office.nasl - Type: ACT_GATHER_INFO |
| 2017-05-10 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_may_office.nasl - Type: ACT_GATHER_INFO |
| 2017-03-15 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17-014_office.nasl - Type: ACT_GATHER_INFO |
| 2017-03-15 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms17-014.nasl - Type: ACT_GATHER_INFO |
| 2016-11-16 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms16-133_office.nasl - Type: ACT_GATHER_INFO |
| 2016-11-08 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms16-133.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-070.nasl - Type: ACT_GATHER_INFO |
| 2015-10-13 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-110.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms15-033_office_2011.nasl - Type: ACT_GATHER_INFO |
| 2015-04-14 | Name: The remote host is affected by multiple remote code execution vulnerabilities. File: smb_nt_ms15-033.nasl - Type: ACT_GATHER_INFO |
