VYPR

Office 2016

by Microsoft

CVEs (11)

  • CVE-2016-7277CriDec 20, 2016
    Microsoft
    Office
    risk 0.63cvss 9.6epss 0.05

    Microsoft Office 2016 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2017-0281HigMay 12, 2017
    Microsoft
    Word
    risk 0.54cvss 7.8epss 0.43

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Office Online Server 2016, Office Web Apps 2010 SP2,Office Web Apps 2013 SP1, Project Server 2013 SP1, SharePoint Enterprise Server 2013 SP1, SharePoint Enterprise Server 2016, SharePoint Foundation 2013…

  • CVE-2017-8630HigSep 13, 2017
    Microsoft
    Office
    risk 0.53cvss 7.8epss 0.23

    Microsoft Office 2016 allows a remote code execution vulnerability when it fails to properly handle objects in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE ID is unique from CVE-2017-8631, CVE-2017-8632, and CVE-2017-8744.

  • CVE-2016-0126HigMay 11, 2016
    Microsoft
    Office
    risk 0.53cvss 7.8epss 0.30

    Microsoft Office 2013 SP1, 2013 RT SP1, and 2016 allows remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2017-11934MedDec 12, 2017
    Microsoft
    Office 2013 Rt
    risk 0.38cvss 5.5epss 0.23

    Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016 allow an information disclosure vulnerability due to the way certain functions handle objects in memory, aka "Microsoft Office Information Disclosure Vulnerability".

  • CVE-2016-0137LowSep 14, 2016
    Microsoft
    Office
    risk 0.22cvss 3.3epss 0.07

    The Click-to-Run (C2R) implementation in Microsoft Office 2013 SP1 and 2016 allows local users to bypass the ASLR protection mechanism via a crafted application, aka "Microsoft APP-V ASLR Bypass."

  • CVE-2015-6093Nov 11, 2015
    Microsoft
    Office
    risk 0.04cvss epss 0.45

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2, and Office Web Apps Server 2013 SP1 allow remote attackers to execute arbitrary code via a…

  • CVE-2018-0797Jan 10, 2018
    Microsoft
    Office 2013 Rt
    risk 0.03cvss epss 0.34

    Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".

  • CVE-2018-0919Mar 14, 2018
    Microsoft
    Sharepoint Enterprise Server
    risk 0.01cvss epss 0.13

    Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016,…

  • CVE-2018-0853Feb 15, 2018
    Microsoft
    Office 2013 Rt
    risk 0.01cvss epss 0.13

    Microsoft Office 2010 SP2, Microsoft Office 2013 SP1 and RT SP1, Microsoft Office 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow an information disclosure vulnerability, due to how Office initializes the affected variable, aka "Microsoft Office Information Disclosure…

  • CVE-2015-2503Nov 11, 2015
    Microsoft
    Word
    risk 0.01cvss epss 0.15

    Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2,…