Summary
| Detail | |||
|---|---|---|---|
| Vendor | Microsoft | First view | 2004-09-28 |
| Product | Infopath | Last view | 2018-05-09 |
| Version | 2007 | Type | |
| Update | |||
| Edition | |||
| Language | |||
| Sofware Edition | |||
| Target Software | |||
| Target Hardware | |||
| Other | |||
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 7.8 | 2018-05-09 | CVE-2018-8173 | A remote code execution vulnerability exists in Microsoft InfoPath when the software fails to properly handle objects in memory, aka "Microsoft InfoPath Remote Code Execution Vulnerability." This affects Microsoft Infopath. |
| 7.8 | 2016-03-09 | CVE-2016-0021 | Microsoft InfoPath 2007 SP3, 2010 SP2, and 2013 SP1 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability." |
| 9.3 | 2015-11-11 | CVE-2015-2503 | Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, PowerPoint 2010 SP2, Project 2010 SP2, Publisher 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Pinyin IME 2010, Access 2013 SP1, Excel 2013 SP1, InfoPath 2013 SP1, OneNote 2013 SP1, PowerPoint 2013 SP1, Project 2013 SP1, Publisher 2013 SP1, Visio 2013 SP1, Word 2013 SP1, Excel 2013 RT SP1, OneNote 2013 RT SP1, PowerPoint 2013 RT SP1, Word 2013 RT SP1, Access 2016, Excel 2016, OneNote 2016, PowerPoint 2016, Project 2016, Publisher 2016, Visio 2016, Word 2016, Skype for Business 2016, and Lync 2013 SP1 allow remote attackers to bypass a sandbox protection mechanism and gain privileges via a crafted web site that is accessed with Internet Explorer, as demonstrated by a transition from Low Integrity to Medium Integrity, aka "Microsoft Office Elevation of Privilege Vulnerability." |
| 4.3 | 2013-04-09 | CVE-2013-1289 | Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability." |
| 4.3 | 2012-10-09 | CVE-2012-2520 | Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1, Groove Server 2010 SP1, Windows SharePoint Services 3.0 SP2, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to inject arbitrary web script or HTML via a crafted string, aka "HTML Sanitization Vulnerability." |
| 7.5 | 2008-07-07 | CVE-2008-3068 | Microsoft Crypto API 5.131.2600.2180 through 6.0, as used in Outlook, Windows Live Mail, and Office 2007, performs Certificate Revocation List (CRL) checks by using an arbitrary URL from a certificate embedded in a (1) S/MIME e-mail message or (2) signed document, which allows remote attackers to obtain reading times and IP addresses of recipients, and port-scan results, via a crafted certificate with an Authority Information Access (AIA) extension. |
| 9.3 | 2007-02-02 | CVE-2007-0671 | Unspecified vulnerability in Microsoft Excel 2000, XP, 2003, and 2004 for Mac, and possibly other Office products, allows remote user-assisted attackers to execute arbitrary code via unknown attack vectors, as demonstrated by Exploit-MSExcel.h in targeted zero-day attacks. |
| 9.3 | 2006-10-10 | CVE-2006-3877 | Unspecified vulnerability in PowerPoint in Microsoft Office 2000, Office 2002, Office 2003, Office 2004 for Mac, and Office v.X for Mac allows user-assisted attackers to execute arbitrary code via an unspecified "crafted file," a different vulnerability than CVE-2006-3435, CVE-2006-4694, and CVE-2006-3876. |
| 9.3 | 2004-09-28 | CVE-2004-0200 | Buffer overflow in the JPEG (JPG) parsing engine in the Microsoft Graphic Device Interface Plus (GDI+) component, GDIPlus.dll, allows remote attackers to execute arbitrary code via a JPEG image with a small JPEG COM field length that is normalized to a large integer length before a memory copy operation. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 40% (2) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
| 20% (1) | CWE-264 | Permissions, Privileges, and Access Controls |
| 20% (1) | CWE-119 | Failure to Constrain Operations within the Bounds of a Memory Buffer |
| 20% (1) | CWE-94 | Failure to Control Generation of Code ('Code Injection') |
Oval Markup Language : Definitions
| OvalID | Name |
|---|---|
| oval:org.mitre.oval:def:4307 | GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2002) |
| oval:org.mitre.oval:def:4216 | GDI+ JPEG Parsing Engine Buffer Overflow (IE6) |
| oval:org.mitre.oval:def:4003 | GDI+ JPEG Parsing Engine Buffer Overflow (Windows XP) |
| oval:org.mitre.oval:def:3881 | GDI+ JPEG Parsing Engine Buffer Overflow (Office XP,SP2) |
| oval:org.mitre.oval:def:3810 | GDI+ JPEG Parsing Engine Buffer Overflow (Project 2003) |
| oval:org.mitre.oval:def:3320 | GDI+ JPEG Parsing Engine Buffer Overflow Microsoft Office Visio Pro 2003 |
| oval:org.mitre.oval:def:3082 | GDI+ JPEG Parsing Engine Buffer Overflow (Visio Pro 2002) |
| oval:org.mitre.oval:def:3038 | GDI+ JPEG Parsing Engine Buffer Overflow (Project 2002,SP1) |
| oval:org.mitre.oval:def:2706 | GDI+ JPEG Parsing Engine Buffer Overflow (Office 2003) |
| oval:org.mitre.oval:def:1721 | GDI+ JPEG Parsing Engine Buffer Overflow (VS.NET 2003) |
| oval:org.mitre.oval:def:1105 | GDI+ JPEG Parsing Engine Buffer Overflow (Server 2003) |
| oval:org.mitre.oval:def:568 | PowerPoint Malformed Record Memory Corruption Vulnerability |
| oval:org.mitre.oval:def:220 | Microsoft PowerPoint Malformed Record Memory Corruption Vulnerability |
| oval:org.mitre.oval:def:301 | Excel Malformed Record Vulnerability |
| oval:org.mitre.oval:def:14976 | Vulnerability in HTML Sanitization Component Could Allow Elevation of Privile... |
| oval:org.mitre.oval:def:16599 | Vulnerability in HTML sanitization component could allow elevation of privile... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 47004 | Microsoft Crypto API S/MIME X.509 Certificate CRL Check Remote Information Di... |
| 31901 | Microsoft Office Unspecified String Handling Arbitrary Code Execution |
| 29448 | Microsoft PowerPoint Crafted File Unspecified Code Execution |
| 9951 | Microsoft Multiple Products GDIPlus.dll JPEG Processing Overflow |
OpenVAS Exploits
| id | Description |
|---|---|
| 2012-10-10 | Name : Microsoft Products HTML Sanitisation Component XSS Vulnerability (2741517) File : nvt/secpod_ms12-066.nasl |
Information Assurance Vulnerability Management (IAVM)
| id | Description |
|---|---|
| 2013-A-0083 | Microsoft Office HTML Sanitization Privilege Escalation Vulnerability Severity: Category II - VMSKEY: V0037613 |
Snort® IPS/IDS
| Date | Description |
|---|---|
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38129 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38128 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38127 - Type : FILE-OFFICE - Revision : 2 |
| 2016-04-07 | Microsoft Office Word ipdesign.dll ActiveX object access attempt RuleID : 38126 - Type : FILE-OFFICE - Revision : 2 |
| 2016-03-14 | Microsoft Office Word CoCreateInstance elevation of privilege attempt RuleID : 36721 - Type : FILE-OFFICE - Revision : 3 |
| 2016-03-14 | Microsoft Office Word CoCreateInstance elevation of privilege attempt RuleID : 36720 - Type : FILE-OFFICE - Revision : 3 |
| 2014-08-27 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 31719-community - Type : FILE-IMAGE - Revision : 2 |
| 2014-11-16 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 31719 - Type : FILE-IMAGE - Revision : 2 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 27569 - Type : FILE-IMAGE - Revision : 4 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 2707-community - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | JPEG parser multipacket heap overflow attempt RuleID : 2707 - Type : FILE-IMAGE - Revision : 14 |
| 2014-01-10 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 2705-community - Type : FILE-IMAGE - Revision : 18 |
| 2014-01-10 | Microsoft Multiple Products JPEG parser heap overflow attempt RuleID : 2705 - Type : FILE-IMAGE - Revision : 18 |
| 2014-01-10 | Microsoft Internet Explorer expression clause in style tag cross site scripti... RuleID : 26354 - Type : BROWSER-IE - Revision : 6 |
| 2014-01-10 | Microsoft multiple product toStaticHTML XSS attempt RuleID : 23137 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft multiple product toStaticHTML XSS attempt RuleID : 23136 - Type : BROWSER-IE - Revision : 11 |
| 2014-01-10 | Microsoft Office Drawing Record msofbtOPT Code Execution attempt RuleID : 17579 - Type : FILE-OFFICE - Revision : 16 |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2016-03-08 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms16-029.nasl - Type: ACT_GATHER_INFO |
| 2015-11-10 | Name: The remote Windows host is affected by multiple vulnerabilities. File: smb_nt_ms15-116.nasl - Type: ACT_GATHER_INFO |
| 2013-04-10 | Name: The remote host is affected by a cross-site scripting vulnerability. File: smb_nt_ms13-035.nasl - Type: ACT_GATHER_INFO |
| 2012-10-10 | Name: The remote host is affected by a privilege escalation vulnerability. File: smb_nt_ms12-066.nasl - Type: ACT_GATHER_INFO |
| 2007-02-13 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_feb2006.nasl - Type: ACT_GATHER_INFO |
| 2007-02-13 | Name: Arbitrary code can be executed on the remote host through Microsoft Office. File: smb_nt_ms07-015.nasl - Type: ACT_GATHER_INFO |
| 2006-10-11 | Name: An application installed on the remote Mac OS X host is affected by multiple ... File: macosx_ms_office_oct2006.nasl - Type: ACT_GATHER_INFO |
| 2006-10-10 | Name: Arbitrary code can be executed on the remote host through Microsoft PowerPoint. File: smb_nt_ms06-058.nasl - Type: ACT_GATHER_INFO |
| 2004-09-28 | Name: The remote host may have been compromised File: radmin_port_10002.nasl - Type: ACT_GATHER_INFO |
| 2004-09-24 | Name: It is possible to log into the remote host without a password. File: smb_login_as_x.nasl - Type: ACT_GATHER_INFO |
| 2004-09-14 | Name: Arbitrary code can be executed on the remote host. File: smb_nt_ms04-028.nasl - Type: ACT_GATHER_INFO |
