Office 2016 Click-to-Run (C2R)
by Microsoft
CVEs (8)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2018-0841 | Hig | 0.59 | 8.8 | 0.20 | Feb 15, 2018 | Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability" | ||
| CVE-2023-33148 | Hig | 0.54 | 7.8 | 0.02 | Jul 11, 2023 | Microsoft Office Elevation of Privilege Vulnerability | ||
| CVE-2017-11935 | Hig | 0.52 | 7.8 | 0.19 | Dec 12, 2017 | Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability". | ||
| CVE-2017-11825 | Hig | 0.52 | 7.8 | 0.22 | Oct 13, 2017 | Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code… | ||
| CVE-2017-11939 | Med | 0.43 | 6.5 | 0.06 | Dec 12, 2017 | Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability". | ||
| CVE-2020-16928 | 0.01 | — | 0.03 | Oct 16, 2020 | An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to… | |||
| CVE-2022-22004 | 0.00 | — | 0.02 | Feb 9, 2022 | Microsoft Office ClickToRun Remote Code Execution Vulnerability | |||
| CVE-2020-16934 | 0.00 | — | 0.02 | Oct 16, 2020 | An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to… |
- risk 0.59cvss 8.8epss 0.20
Microsoft Office 2016 Click-to-Run allows a remote code execution vulnerability due to how objects are handled in memory, aka "Office Remote Code Execution Vulnerability"
- risk 0.54cvss 7.8epss 0.02
Microsoft Office Elevation of Privilege Vulnerability
- risk 0.52cvss 7.8epss 0.19
Microsoft Office 2016 Click-to-Run (C2R) allows a remote code execution vulnerability due to the way files are handled in memory, aka "Microsoft Excel Remote Code Execution Vulnerability".
- risk 0.52cvss 7.8epss 0.22
Microsoft Office 2016 Click-to-Run (C2R) and Microsoft Office 2016 for Mac allow an attacker to use a specially crafted file to perform actions in the security context of the current user, due to how Microsoft Office handles files in memory, aka "Microsoft Office Remote Code…
- risk 0.43cvss 6.5epss 0.06
Microsoft Office 2016 Click-to-Run (C2R) allows an information disclosure vulnerability due to the way Microsoft Office enforces DRM copy/paste permissions, aka "Microsoft Office Information Disclosure Vulnerability".
- CVE-2020-16928Oct 16, 2020risk 0.01cvss —epss 0.03
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to…
- CVE-2022-22004Feb 9, 2022risk 0.00cvss —epss 0.02
Microsoft Office ClickToRun Remote Code Execution Vulnerability
- CVE-2020-16934Oct 16, 2020risk 0.00cvss —epss 0.02
An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to…