Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2012-05-08 |
| Product | Word | Last view | 2018-04-11 |
| Version | 2007 | Type | Application |
| Update | sp3 | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:a:microsoft:word | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 6.5 | 2018-04-11 | CVE-2018-0950 | An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007. |
| 7.8 | 2018-03-14 | CVE-2018-0922 | Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Compatibility Pack SP2, Microsoft Online Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2007 SP3, Microsoft Word 2010 SP2, Word 2013 and Microsoft Word 2016 allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". |
| 8.8 | 2018-01-22 | CVE-2018-0862 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |
| 8.8 | 2018-01-22 | CVE-2018-0849 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |
| 8.8 | 2018-01-22 | CVE-2018-0848 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |
| 7.8 | 2018-01-22 | CVE-2018-0845 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |
| 7.8 | 2018-01-09 | CVE-2018-0812 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability". |
| 8.8 | 2018-01-09 | CVE-2018-0807 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0806. |
| 8.8 | 2018-01-09 | CVE-2018-0806 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0805, and CVE-2018-0807. |
| 8.8 | 2018-01-09 | CVE-2018-0805 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0804, CVE-2018-0806, and CVE-2018-0807 |
| 8.8 | 2018-01-09 | CVE-2018-0804 | Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807. |
| 7.8 | 2018-01-09 | CVE-2018-0802 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. |
| 8.8 | 2018-01-09 | CVE-2018-0801 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Remote Code Execution Vulnerability". |
| 8.8 | 2018-01-09 | CVE-2018-0798 | Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". |
| 7.8 | 2018-01-09 | CVE-2018-0797 | Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability". |
| 8.8 | 2018-01-09 | CVE-2018-0794 | Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792. |
| 7.8 | 2018-01-09 | CVE-2018-0793 | Microsoft Outlook 2007, Microsoft Outlook 2010 and Microsoft Outlook 2013 allow a remote code execution vulnerability due to the way email messages are parsed, aka "Microsoft Outlook Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0791. |
| 8.8 | 2017-11-14 | CVE-2017-11854 | Microsoft Word 2007 Service Pack 3, Microsoft Word 2010 Service Pack 2, Microsoft Office 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 allow an attacker to run arbitrary code in the context of the current user by failing to properly handle objects in memory, aka "Microsoft Word Memory Corruption Vulnerability". |
| 8.8 | 2017-06-14 | CVE-2017-8509 | A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-0260, and CVE-2017-8506. |
| 5.5 | 2017-03-16 | CVE-2017-0105 | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." |
| 7.8 | 2017-03-16 | CVE-2017-0053 | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 R2 SP1, Word 2016, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0031, and CVE-2017-0052. |
| 7.8 | 2017-03-16 | CVE-2017-0031 | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Word 2007 SP3, and Word 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0030, CVE-2017-0052, and CVE-2017-0053. |
| 7.8 | 2017-03-16 | CVE-2017-0030 | Microsoft Office 2010 SP2, Office Compatibility Pack SP3, Office Web Apps Server 2010 SP2, Word 2007 SP3, Word 2010 SP2, and Word Automation Services on SharePoint Server 2010 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability." This vulnerability is different from those described in CVE-2017-0006, CVE-2017-0019, CVE-2017-0020, CVE-2017-0031, CVE-2017-0052, and CVE-2017-0053. |
| 7.1 | 2016-12-20 | CVE-2016-7291 | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7290. |
| 7.1 | 2016-12-20 | CVE-2016-7290 | Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7291. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 58% (40) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 7% (5) | CWE-787 | Out-of-bounds Write |
| 7% (5) | CWE-399 | Resource Management Errors |
| 7% (5) | CWE-200 | Information Exposure |
| 7% (5) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
| 4% (3) | CWE-125 | Out-of-bounds Read |
| 2% (2) | CWE-20 | Improper Input Validation |
| 1% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 1% (1) | CWE-189 | Numeric Errors |
| 1% (1) | CWE-19 | Data Handling |
SAINT Exploits
| Description | Link |
|---|---|
| Microsoft Word RTF Object Confusion | More info here |
ExploitDB Exploits
| id | Description |
|---|---|
| 32793 | MS14-017 Microsoft Word RTF Object Confusion |
| 18894 | Windows XP Keyboard Layouts Pool Corruption LPE 0day PoC (post-MS12-034) |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-12-12 | Name : Microsoft Office Word Remote Code Execution Vulnerability (2780642) File : nvt/secpod_ms12-079.nasl |
| 2012-10-10 | Name : Microsoft Office Word Remote Code Execution Vulnerabilities (2742319) File : nvt/secpod_ms12-064.nasl |
| 2012-05-09 | Name : Microsoft Office Word Remote Code Execution Vulnerability (2680352) File : nvt/secpod_ms12-029.nasl |
| 2012-05-09 | Name : Microsoft Office Word Remote Code Execution Vulnerability-2680352 (Mac OS X) File : nvt/secpod_ms12-029_macosx.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2015-A-0188 | Cumulative Security Update for Microsoft Internet Explorer (MS15-079) Severity: Category I - VMSKEY: V0061297 |
| 2015-A-0194 | Multiple Vulnerabilities in Microsoft Office (MS15-081) Severity: Category II - VMSKEY: V0061307 |
| 2015-A-0197 | Microsoft Command Line Parameter Information Disclosure Vulnerability (MS15-088) Severity: Category II - VMSKEY: V0061313 |
| 2015-A-0163 | Multiple Vulnerabilities in Microsoft Office (MS15-070) Severity: Category II - VMSKEY: V0061121 |
| 2015-A-0090 | Multiple Vulnerabilities in Microsoft Office (MS15-033) Severity: Category II - VMSKEY: V0059895 |
| 2015-A-0052 | Multiple Vulnerabilities in Microsoft Office (MS15-022) Severity: Category II - VMSKEY: V0058999 |
| 2015-A-0037 | Multiple Remote Code Execution Vulnerabilities in Microsoft Office (MS15-012) Severity: Category II - VMSKEY: V0058751 |
| 2014-A-0190 | Microsoft Word and Office Remote Code Execution Vulnerability (MS14-081) Severity: Category II - VMSKEY: V0057701 |
| 2014-B-0074 | Microsoft Word Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0052501 |
| 2014-A-0049 | Multiple Vulnerabilities in Microsoft Office Severity: Category II - VMSKEY: V0048675 |
| 2014-A-0006 | Multiple Vulnerabilities in Microsoft Office and Web Apps Severity: Category II - VMSKEY: V0043406 |
| 2013-B-0115 | Microsoft Office Word Remote Code Execution Vulnerabilities Severity: Category II - VMSKEY: V0040756 |
| 2013-A-0178 | Multiple Vulnerabilities in Microsoft Office Severity: Category II - VMSKEY: V0040289 |
| 2013-A-0174 | Multiple Remote Code Execution Vulnerabilities in Microsoft SharePoint Server Severity: Category II - VMSKEY: V0040292 |
| 2012-A-0194 | Microsoft Office Word Remote Code Execution Vulnerability Severity: Category II - VMSKEY: V0035492 |
| 2012-A-0083 | Microsoft Office Word Remote Code Execution Vulnerability Severity: Category I - VMSKEY: V0032316 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2019-08-13 | Microsoft Office Equation Editor remote code execution attempt RuleID : 50695 - Type : MALWARE-OTHER - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor remote code execution attempt RuleID : 50694 - Type : MALWARE-OTHER - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 50693 - Type : FILE-OFFICE - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 50692 - Type : FILE-OFFICE - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 50691 - Type : FILE-OFFICE - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 50690 - Type : FILE-OFFICE - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF embedded OLE evasion attempt RuleID : 50685 - Type : FILE-OFFICE - Revision : 1 |
| 2019-08-13 | Microsoft Office Equation Editor RTF embedded OLE evasion attempt RuleID : 50684 - Type : FILE-OFFICE - Revision : 1 |
| 2019-06-04 | Win.Doc.Dropper SectorB06 malicious rtf dropper download attempt RuleID : 50009 - Type : MALWARE-CNC - Revision : 2 |
| 2019-06-04 | Win.Doc.Dropper SectorB06 malicious rtf dropper download attempt RuleID : 50008 - Type : MALWARE-CNC - Revision : 2 |
| 2019-03-05 | Microsoft Office XML nested num tag double-free attempt RuleID : 49049 - Type : FILE-OFFICE - Revision : 1 |
| 2019-03-05 | Microsoft Office XML nested num tag double-free attempt RuleID : 49048 - Type : FILE-OFFICE - Revision : 1 |
| 2018-05-15 | Microsoft Office Outlook 2003 OLE information disclosure attempt detected RuleID : 46267 - Type : FILE-OTHER - Revision : 1 |
| 2018-05-15 | Microsoft Office Outlook 2003 OLE information disclosure attempt detected RuleID : 46266 - Type : FILE-OTHER - Revision : 1 |
| 2018-05-01 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 46107 - Type : FILE-OFFICE - Revision : 1 |
| 2018-05-01 | Microsoft Office Equation Editor RTF evasion attempt RuleID : 46106 - Type : FILE-OFFICE - Revision : 1 |
| 2018-04-11 | Microsoft Office RTF listoverride memory corruption attempt RuleID : 45880 - Type : FILE-OFFICE - Revision : 2 |
| 2018-04-11 | Microsoft Office RTF listoverride memory corruption attempt RuleID : 45879 - Type : FILE-OFFICE - Revision : 2 |
| 2018-02-22 | Microsoft Office Equation Editor Package objclass RTF evasion attempt RuleID : 45512 - Type : FILE-OFFICE - Revision : 2 |
| 2018-02-22 | Microsoft Office Equation Editor Package objclass RTF evasion attempt RuleID : 45511 - Type : FILE-OFFICE - Revision : 2 |
| 2018-02-20 | Microsoft Office None type objclass RTF evasion attempt RuleID : 45467 - Type : FILE-OFFICE - Revision : 2 |
| 2018-02-20 | Microsoft Office None type objclass RTF evasion attempt RuleID : 45466 - Type : FILE-OFFICE - Revision : 2 |
| 2018-02-08 | Microsoft Office Word memory corruption exploit attempt RuleID : 45403 - Type : FILE-OFFICE - Revision : 3 |
| 2018-02-08 | Microsoft Office Word memory corruption exploit attempt RuleID : 45402 - Type : FILE-OFFICE - Revision : 3 |
| 2017-12-29 | Microsoft Office Equation Editor object with automatic execution embedded in ... RuleID : 44990 - Type : FILE-OFFICE - Revision : 4 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-01-19 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macos_ms18_jan_office.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The Microsoft Word Products are missing a security update. File: smb_nt_ms17_nov_word.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The Microsoft Office Products are affected by multiple vulnerabilities. File: smb_nt_ms17_nov_office_compatibility.nasl - Type: ACT_GATHER_INFO |
| 2017-11-14 | Name: The Microsoft Office Products are affected by multiple vulnerabilities. File: smb_nt_ms17_nov_office.nasl - Type: ACT_GATHER_INFO |
| 2017-06-14 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_jun_office_web.nasl - Type: ACT_GATHER_INFO |
| 2017-06-14 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_jun_office_sharepoint.nasl - Type: ACT_GATHER_INFO |
| 2017-06-14 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms17_jun_office.nasl - Type: ACT_GATHER_INFO |
| 2017-06-13 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17_june_office.nasl - Type: ACT_GATHER_INFO |
| 2017-03-15 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms17-014.nasl - Type: ACT_GATHER_INFO |
| 2017-03-15 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms17-014_office.nasl - Type: ACT_GATHER_INFO |
| 2016-12-14 | Name: An application installed on the remote host is affected by multiple vulnerabi... File: smb_nt_ms16-148.nasl - Type: ACT_GATHER_INFO |
| 2016-12-14 | Name: An application installed on the remote macOS or Mac OS X host is affected by ... File: macosx_ms16-148_office.nasl - Type: ACT_GATHER_INFO |
| 2016-08-10 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-099.nasl - Type: ACT_GATHER_INFO |
| 2016-07-12 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-088.nasl - Type: ACT_GATHER_INFO |
| 2016-07-12 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms16-088_office.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: An application installed on the remote Windows host is affected by multiple v... File: smb_nt_ms16-070.nasl - Type: ACT_GATHER_INFO |
| 2016-06-15 | Name: An application installed on the remote Mac OS X host is affected by a remote ... File: macosx_ms16-070_office.nasl - Type: ACT_GATHER_INFO |
| 2016-05-11 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms16-054_office.nasl - Type: ACT_GATHER_INFO |
| 2016-05-10 | Name: An application installed on the remote Windows host is affected by multiple r... File: smb_nt_ms16-054.nasl - Type: ACT_GATHER_INFO |
| 2016-04-12 | Name: An application installed on the remote Windows host is affected by multiple r... File: smb_nt_ms16-042.nasl - Type: ACT_GATHER_INFO |
| 2016-03-17 | Name: An application installed on the remote Mac OS X host is affected by a remote ... File: macosx_ms16-029_office.nasl - Type: ACT_GATHER_INFO |
| 2016-03-08 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms16-029.nasl - Type: ACT_GATHER_INFO |
| 2016-02-22 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms16-015_office.nasl - Type: ACT_GATHER_INFO |
| 2016-02-09 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms16-015.nasl - Type: ACT_GATHER_INFO |
| 2016-01-12 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms16-004.nasl - Type: ACT_GATHER_INFO |
