VYPR

Office 2013 SP1

by Microsoft

CVEs (5)

  • CVE-2015-2545HigKEVSep 9, 2015
    risk 0.70cvss 7.8epss 0.86

    Microsoft Office 2007 SP3, 2010 SP2, 2013 SP1, and 2013 RT SP1 allows remote attackers to execute arbitrary code via a crafted EPS image, aka "Microsoft Office Malformed EPS File Vulnerability."

  • CVE-2017-0261HigKEVMay 12, 2017
    risk 0.69cvss 7.8epss 0.78

    Microsoft Office 2010 SP2, Office 2013 SP1, and Office 2016 allow a remote code execution vulnerability when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-0262 and CVE-2017-0281.

  • CVE-2016-7245HigNov 10, 2016
    risk 0.52cvss 7.8epss 0.20

    Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2013 RT SP1, and Office 2016 allow remote attackers to execute arbitrary code via a crafted Office document, aka "Microsoft Office Memory Corruption Vulnerability."

  • CVE-2016-7275HigDec 20, 2016
    risk 0.51cvss 7.8epss 0.01

    Microsoft Office 2010 SP2, 2013 SP1, 2013 RT SP1, and 2016 mishandles library loading, which allows local users to gain privileges via a crafted application, aka "Microsoft Office OLE DLL Side Loading Vulnerability."

  • CVE-2017-11934MedDec 12, 2017
    risk 0.37cvss 5.5epss 0.13

    Microsoft Office 2013 RT SP1, Microsoft Office 2013 SP1, and Microsoft Office 2016 allow an information disclosure vulnerability due to the way certain functions handle objects in memory, aka "Microsoft Office Information Disclosure Vulnerability".