This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Summuary
CPE Namecpe:/a:microsoft:office:2007:sp2
Detail
VendorMicrosoftFirst view 2009-10-14
ProductOfficeLast view2013-01-09
Version2007TypeApplication
Edition 
Language 
Updatesp2 
 
CPE Productcpe:/a:microsoft:office

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
 DateAlertAccess VectorAccess ComplexityAuthentication
9.32013-01-09CVE-2013-0007NetworkMediumNone Requ...
9.32013-01-09CVE-2013-0006NetworkMediumNone Requ...
9.32012-08-14CVE-2012-2524NetworkMediumNone Requ...
9.32012-08-14CVE-2012-1856NetworkMediumNone Requ...
6.92012-07-10CVE-2012-1854LocalMediumNone Requ...
Hide | Show 20 More...
 DateAlertAccess VectorAccess ComplexityAuthentication
9.32012-06-13CVE-2012-1889NetworkMediumNone Requ...
9.32012-05-08CVE-2012-0167NetworkMediumNone Requ...
9.32012-05-08CVE-2012-0165NetworkMediumNone Requ...
9.32012-05-08CVE-2012-0159NetworkMediumNone Requ...
9.32012-04-10CVE-2012-0177NetworkMediumNone Requ...
9.32012-04-10CVE-2012-0158NetworkMediumNone Requ...
9.32011-12-13CVE-2011-1983NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1990NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1989NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1988NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1987NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1982NetworkMediumNone Requ...
9.32011-09-15CVE-2011-1980NetworkMediumNone Requ...
9.32011-04-13CVE-2011-0107NetworkMediumNone Requ...
9.32010-11-09CVE-2010-3337NetworkMediumNone Requ...
9.32010-11-09CVE-2010-3335NetworkMediumNone Requ...
9.32010-11-09CVE-2010-3334NetworkMediumNone Requ...
9.32010-11-09CVE-2010-3333NetworkMediumNone Requ...
9.32010-09-15CVE-2010-2738NetworkMediumNone Requ...

CWE : Common Weakness Enumeration

%idName
35% (11)CWE-119Failure to Constrain Operations within the Bounds of a Memory Buffer
29% (9)CWE-94Failure to Control Generation of Code ('Code Injection')
16% (5)CWE-20Improper Input Validation
12% (4)CWE-189Numeric Errors
6% (2)CWE-399Resource Management Errors

Oval Markup Language : Definitions

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalIDName
oval:org.mitre.oval:def:15447MSCOMCTL.OCX RCE Vulnerability - MS12-060
oval:org.mitre.oval:def:15458MSXML XSLT Vulnerability - MS13-002
oval:org.mitre.oval:def:7286COM Validation Vulnerability
oval:org.mitre.oval:def:6491GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:11929Insecure Library Loading Vulnerability
Hide | Show 20 More...
idName
oval:org.mitre.oval:def:6134GDI+ PNG Integer Overflow Vulnerability
oval:org.mitre.oval:def:11439Office Art Drawing Records Vulnerability
oval:org.mitre.oval:def:12974Excel Conditional Expression Parsing Vulnerability
oval:org.mitre.oval:def:12836Excel Heap Corruption Vulnerability
oval:org.mitre.oval:def:5800GDI+ PNG Heap Overflow Vulnerability
oval:org.mitre.oval:def:15462MSCOMCTL.OCX RCE Vulnerability
oval:org.mitre.oval:def:11739Drawing Exception Handling Vulnerability
oval:org.mitre.oval:def:11931RTF Stack Buffer Overflow Vulnerability
oval:org.mitre.oval:def:12694Office Component Insecure Library Loading Vulnerability
oval:org.mitre.oval:def:12953Excel Out of Bounds Array Indexing Vulnerability
oval:org.mitre.oval:def:15598Office WPS Converter Heap Overflow Vulnerability
oval:org.mitre.oval:def:11623Microsoft Outlook SMB Attachment Vulnerability
oval:org.mitre.oval:def:7074VBE6.DLL Stack Memory Corruption Vulnerability
oval:org.mitre.oval:def:15195MSXML Uninitialized Memory Corruption Vulnerability - MS12-043
oval:org.mitre.oval:def:5967GDI+ WMF Integer Overflow Vulnerability
oval:org.mitre.oval:def:15628GDI+ Heap Overflow Vulnerability
oval:org.mitre.oval:def:5898GDI+ TIFF Buffer Overflow Vulnerability
oval:org.mitre.oval:def:12655Office Component Insecure Library Loading Vulnerability
oval:org.mitre.oval:def:15667TrueType Font Parsing Vulnerability (CVE-2012-0159)
oval:org.mitre.oval:def:15388TrueType Font Parsing Vulnerability (CVE-2012-0159)

SAINT Exploits

DescriptionLink
Microsoft Windows Common Controls MSCOMCTL.OCX VulnerabilityMore info here
Microsoft Excel Drawing Exception Handling vulnerabilityMore info here
Microsoft Office RTF pFragments Property Stack Buffer OverflowMore info here
Microsoft Outlook SMB Attachment ATTACH_BY_REFERENCE vulnerabilityMore info here
Microsoft XML Core Services memory corruptionMore info here
Hide | Show 1 More...
DescriptionLink
Microsoft Office Art Property Table Memory CorruptionMore info here

Open Source Vulnerability Database (OSVDB)

idDescription
77659Microsoft Office Use-after-free Border Property Word Document Handling Remote...
75387Microsoft Office Excel Unspecified Signedness Error Excel File Handling Memor...
75386Microsoft Office Excel Unspecified Conditional Expression Parsing Excel File ...
75385Microsoft Office Excel Unspecified Excel File Record Handling Memory Corruption
75384Microsoft Office Excel Unspecified Array-Indexing Weakness Excel File Handlin...
Hide | Show 19 More...
idDescription
75380Microsoft Office MSO.dll Object Pointer Dereference Word Document Handling Re...
75379Microsoft Office MSO.dll Path Subversion Arbitrary DLL Injection Code Execution
71767Microsoft Office Path Subversion Arbitrary DLL Injection Code Execution
69089Microsoft Office Insecure Library Loading Remote Code Execution
69087Microsoft Office Drawing Exception Handling Remote Code Execution
69086Microsoft Office Art Drawing Record Parsing Remote Code Execution
69085Microsoft Office RTF Parsing Stack Overflow
67984Microsoft Multiple Products Unicode Scripts Processor (Usp10.dll) OpenType Fo...
66296Microsoft Outlook SMB Attachment Handling Arbitrary Program Execution
66294Microsoft Office Access AccWizObjects ActiveX Remote Code Execution
65219Microsoft Windows / Office COM Object Instantiation Validation Remote Code Ex...
64529Microsoft Visual Basic for Applications VBE6.dll Single-Byte Stack Overwrite
58869Microsoft Office Malformed Object Handling Memory Corruption Arbitrary Code E...
58868Microsoft Multiple Products GDI+ PNG Image Handling Integer Overflow
58867Microsoft Multiple Products GDI+ .NET API Code Execution Privilege Escalation
58866Microsoft Multiple Products GDI+ TIFF Image Handling Memory Corruption Arbitr...
58865Microsoft Multiple Products GDI+ TIFF Image Handling Overflow
58864Microsoft Multiple Products GDI+ PNG Image Handling Heap Overflow
58863Microsoft Multiple Products GDI+ WMF Image Handling Overflow

ExploitDB Exploits

idDescription
17474MS Office 2010 RTF Header Stack Overflow Vulnerability Exploit
15158MOAUB #30 - Microsoft Unicode Scripts Processor Remote Code Execution

OpenVAS Exploits

idDescription
2012-08-15Name : Microsoft Office Remote Code Execution Vulnerability (2731879)
File : nvt/secpod_ms12-057.nasl
2012-08-15Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2720573)
File : nvt/secpod_ms12-060.nasl
2012-07-11Name : Visual Basic for Applications Remote Code Execution Vulnerability (2707960)
File : nvt/secpod_ms12-046.nasl
2012-06-14Name : Microsoft XML Core Services Remote Code Execution Vulnerability (2719615)
File : nvt/gb_ms_xml_core_services_code_exec_vuln.nasl
2012-06-13Name : Microsoft Lync Remote Code Execution Vulnerabilities (2707956)
File : nvt/secpod_ms12-039.nasl
Hide | Show 17 More...
idDescription
2012-05-14Name : Microsoft Silverlight Code Execution Vulnerabilities - 2681578 (Mac OS X)
File : nvt/secpod_ms12-034_macosx.nasl
2012-05-09Name : MS Security Update For Microsoft Office, .NET Framework, and Silverlight (268...
File : nvt/secpod_ms12-034.nasl
2012-04-11Name : Microsoft Windows Common Controls Remote Code Execution Vulnerability (2664258)
File : nvt/secpod_ms12-027.nasl
2012-04-11Name : Microsoft Office Remote Code Execution Vulnerability (2639185)
File : nvt/secpod_ms12-028.nasl
2011-12-14Name : Microsoft Office Remote Code Execution Vulnerability (2590602)
File : nvt/secpod_ms11-089.nasl
2011-09-14Name : Microsoft Office Excel Remote Code Execution Vulnerabilities (2587505)
File : nvt/secpod_ms11-072.nasl
2011-09-14Name : Microsoft Office Remote Code Execution Vulnerabilites (2587634)
File : nvt/secpod_ms11-073.nasl
2011-08-11Name : Microsoft Windows Insecure Library Loading Vulnerability (2269637)
File : nvt/gb_ms_insecure_lib_loading_vuln.nasl
2011-04-13Name : Microsoft Office Remote Code Execution Vulnerabilites (2489293)
File : nvt/secpod_ms11-023.nasl
2010-11-10Name : Microsoft Office Remote Code Execution Vulnerabilites (2423930)
File : nvt/secpod_ms10-087.nasl
2010-10-13Name : Microsoft Windows Shell and WordPad COM Validation Vulnerability (2405882)
File : nvt/secpod_ms10-083.nasl
2010-09-15Name : MS Unicode Scripts Processor and MS Office Could Code Execution Vulnerability...
File : nvt/secpod_ms10-063.nasl
2010-07-14Name : MS Office Access ActiveX Controls Remote Code Execution Vulnerabilities(982335)
File : nvt/secpod_ms10-044.nasl
2010-07-14Name : Microsoft Outlook SMB Attachment Remote Code Execution Vulnerability (978212)
File : nvt/secpod_ms10-045.nasl
2010-06-09Name : Microsoft Office COM Validation Remote Code Execution Vulnerability (983235)
File : nvt/secpod_ms10-036.nasl
2010-05-13Name : Microsoft Visual Basic Remote Code Execution Vulnerability (978213)
File : nvt/secpod_ms10-031.nasl
2009-10-21Name : Microsoft Products GDI Plus Code Execution Vulnerabilities (957488)
File : nvt/secpod_ms09-062.nasl

Information Assurance Vulnerability Management (IAVM)

idDescription
2013-A-0004Multiple Vulnerabilities in Microsoft XML Core Services
Severity : Category I - VMSKEY : V0036444
2012-B-0075Microsoft Office Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0033652
2012-A-0132Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0033659
2012-A-0109Microsoft Visual Basic for Applications Remote Code Execution Vulnerability
Severity : Category I - VMSKEY : V0033311
2012-A-0059Microsoft Windows Common Controls Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031982
Hide | Show 9 More...
idDescription
2012-B-0041Microsoft Office Works File Convertor Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0031984
2011-A-0163Microsoft Office Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0030834
2011-A-0124Multiple Vulnerabilities in Microsoft Office Excel
Severity : Category II - VMSKEY : V0030245
2011-A-0125Multiple Vulnerabilities in Microsoft Office
Severity : Category II - VMSKEY : V0030246
2011-A-0045Multiple Vulnerabilities in Microsoft Office
Severity : Category II - VMSKEY : V0026527
2010-A-0134Microsoft Windows COM Validation Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0025530
2010-A-0094Multiple Vulnerabilities in Microsoft Office Access
Severity : Category II - VMSKEY : V0024850
2010-A-0093Microsoft Office Outlook Remote Code Execution Vulnerability
Severity : Category II - VMSKEY : V0024852
2009-A-0099Multiple Vulnerabilities in Microsoft GDI+
Severity : Category I - VMSKEY : V0021759

Snort® IPS/IDS

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
DateDescription
2014-01-10Microsoft Multiple Products malformed PNG detected tEXt overflow attempt
RuleID : 6700 - Type : FILE-IMAGE - Revision : 20
2019-05-24Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49932 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49931 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49930 - Type : BROWSER-PLUGINS - Revision : 1
2019-05-24Microsoft Internet Explorer MSXML .definition ActiveX clsid access attempt
RuleID : 49929 - Type : BROWSER-PLUGINS - Revision : 1
Hide | Show 20 More...
DateDescription
2019-04-23Microsoft Office Excel conditional code execution attempt
RuleID : 49501 - Type : FILE-OFFICE - Revision : 1
2019-04-23Microsoft Office Excel conditional code execution attempt
RuleID : 49500 - Type : FILE-OFFICE - Revision : 1
2019-04-18Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49496 - Type : FILE-OFFICE - Revision : 1
2019-04-18Microsoft Office MSCOMCTL ActiveX control tabstrip method attempt
RuleID : 49494 - Type : FILE-OFFICE - Revision : 1
2018-02-27Microsoft Office embedded Office Art drawings execution attempt
RuleID : 45557 - Type : FILE-OFFICE - Revision : 1
2018-02-27Microsoft Office embedded Office Art drawings execution attempt
RuleID : 45556 - Type : FILE-OFFICE - Revision : 1
2017-11-28Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 44670 - Type : FILE-OFFICE - Revision : 1
2017-11-28Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 44669 - Type : FILE-OFFICE - Revision : 1
2017-09-19RTF obfuscation string
RuleID : 43990 - Type : INDICATOR-OBFUSCATION - Revision : 3
2017-09-19newlines embedded in rtf header
RuleID : 43989 - Type : INDICATOR-OBFUSCATION - Revision : 3
2017-08-23Microsoft Office RTF parsing remote code execution attempt
RuleID : 43679 - Type : FILE-OFFICE - Revision : 1
2017-08-23Microsoft Office RTF parsing remote code execution attempt
RuleID : 43678 - Type : FILE-OFFICE - Revision : 1
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37699 - Type : FILE-OFFICE - Revision : 4
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37698 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37697 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37696 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37695 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37694 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook AttachMethods local file execution attempt
RuleID : 37693 - Type : FILE-OFFICE - Revision : 2
2016-03-22Microsoft Office Outlook SMB attach by reference code execution attempt
RuleID : 37692 - Type : FILE-OFFICE - Revision : 2

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
idDescription
2014-03-10Name : Arbitrary code can be executed on the remote host through the Microsoft GDI r...
File : smb_kb957488.nasl - Type : ACT_GATHER_INFO
2013-01-09Name : Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File : smb_nt_ms13-002.nasl - Type : ACT_GATHER_INFO
2012-08-15Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms12-057.nasl - Type : ACT_GATHER_INFO
2012-08-15Name : The remote Windows host has a code execution vulnerability.
File : smb_nt_ms12-060.nasl - Type : ACT_GATHER_INFO
2012-07-11Name : Arbitrary code can be executed on the remote host through Microsoft XML Core ...
File : smb_nt_ms12-043.nasl - Type : ACT_GATHER_INFO
Hide | Show 21 More...
idDescription
2012-07-11Name : Arbitrary code can be executed on the remote host through Visual Basic for Ap...
File : smb_nt_ms12-046.nasl - Type : ACT_GATHER_INFO
2012-06-13Name : Arbitrary code can be executed on the remote host through Microsoft Lync.
File : smb_nt_ms12-039.nasl - Type : ACT_GATHER_INFO
2012-05-09Name : The remote Windows host is affected by multiple vulnerabilities.
File : smb_nt_ms12-034.nasl - Type : ACT_GATHER_INFO
2012-05-09Name : A multimedia application framework installed on the remote Mac OS X host is a...
File : macosx_ms12-034.nasl - Type : ACT_GATHER_INFO
2012-04-11Name : The remote Windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms12-027.nasl - Type : ACT_GATHER_INFO
2012-04-11Name : The remote Windows host could allow arbitrary code execution.
File : smb_nt_ms12-028.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-089.nasl - Type : ACT_GATHER_INFO
2011-12-13Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_dec2011.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-072.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-073.nasl - Type : ACT_GATHER_INFO
2011-09-14Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms11-072.nasl - Type : ACT_GATHER_INFO
2011-04-13Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms11-023.nasl - Type : ACT_GATHER_INFO
2010-11-09Name : Arbitrary code can be executed on the remote host through Microsoft Office.
File : smb_nt_ms10-087.nasl - Type : ACT_GATHER_INFO
2010-11-09Name : An application installed on the remote Mac OS X host is affected by multiple ...
File : macosx_ms_office_nov2010.nasl - Type : ACT_GATHER_INFO
2010-10-13Name : The remote windows host is affected by a remote code execution vulnerability.
File : smb_nt_ms10-083.nasl - Type : ACT_GATHER_INFO
2010-09-14Name : It is possible to execute arbitrary code on the remote Windows host using the...
File : smb_nt_ms10-063.nasl - Type : ACT_GATHER_INFO
2010-07-13Name : The version of Microsoft Office on the remote Windows host has multiple code ...
File : smb_nt_ms10-044.nasl - Type : ACT_GATHER_INFO
2010-07-13Name : The version of Microsoft Office installed on the remote Windows host has a co...
File : smb_nt_ms10-045.nasl - Type : ACT_GATHER_INFO
2010-06-09Name : Arbitrary code can be executed on the remote host through opening a Microsoft...
File : smb_nt_ms10-036.nasl - Type : ACT_GATHER_INFO
2010-05-11Name : Arbitrary code can be executed on the remote host through Visual Basic for Ap...
File : smb_nt_ms10-031.nasl - Type : ACT_GATHER_INFO