Download
| Alert*
|
oval:org.secpod.oval:def:46072
The host is missing a low security update for ADV180015 oval:org.secpod.oval:def:23797 The host is installed with Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold or SP1, Word 2013 Gold or SP1, Office 2013 RT Gold or SP1, Word 2013 RT Gold or SP1, Excel Viewer, Office C ... oval:org.secpod.oval:def:23792 The host is missing a critical security update according to Microsoft security bulletin, MS15-022. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:23486 The host is missing an important security update according to Microsoft security bulletin MS15-013. The update is required to fix a security feature bypass vulnerability. The flaw is present in the applications, which fails to handle a specially crafted file. Successful exploitation allows attackers ... oval:org.secpod.oval:def:23485 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2 or Office 2013 SP1 and is prone to a security feature bypass vulnerability. The flaw is present in the applications, which fails to handle a specially crafted file. Successful exploitation allows attackers to bypass security featu ... oval:org.secpod.oval:def:24835 The host is missing an important security update according to Microsoft security bulletin, MS15-059. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attacke ... oval:org.secpod.oval:def:24837 The host is installed with Microsoft Office Compatibility Pack 2007, 2007 SP3, Office 2010 or SP2, Office 2013 or SP1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:24838 The host is installed with Microsoft Office Office 2013 or SP1 and is prone to an uninitialized memory use vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:21873 The host is missing an important security update according to Microsoft bulletin, MS14-082. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which improperly handle objects in memory while parsing specially crafted office files. Successful e ... oval:org.secpod.oval:def:21872 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2 or Office 2013 SP1 and is prone to an use after free vulnerability. The flaw is present in the applications, which improperly handle objects in memory while parsing specially crafted office files. Successful exploitation allows at ... oval:org.secpod.oval:def:24307 The host is installed with Office 2010, 2013, Word 2010, 2013, Excel 2010, 2013, Powerpoint 2010,2013, Powerpoint Viewer, Sharepoint Server 2010, 2013, Foundation 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which ... oval:org.secpod.oval:def:24310 The host is missing an important security update according to Microsoft security bulletin, MS15-046. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:42754 The host is missing an important security update KB3162047 oval:org.secpod.oval:def:43503 The host is missing an important security update 4011636 oval:org.secpod.oval:def:43911 The host is missing an important security update for KB4011690 oval:org.secpod.oval:def:43904 The host is missing an important security update for KB3172459 oval:org.secpod.oval:def:60687 The host is missing an important security update for KB4484227 oval:org.secpod.oval:def:18527 The application Microsoft Office 2013 SP1 is installed. oval:org.secpod.oval:def:18529 The host is missing an important security update according to Microsoft bulletin, MS14-024. The update is required to fix security feature bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow remote attacke ... oval:org.secpod.oval:def:18528 The host is installed with Microsoft Office 2007 or 2010 or 2013 and is prone to security feature bypass vulnerability. A flaw is present in the application, which fails to handle a specially crafted content. Successful exploitation could allow remote attackers to bypass the ASLR security feature an ... oval:org.secpod.oval:def:18535 The host is installed with Microsoft Office 2013 and is prone to a token reuse vulnerability. A flaw is present in the application, which does not properly validate the path used for loading external libraries. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:18534 The host is missing an important security update according to Microsoft security bulletin, MS14-023. The update is required to fix a remote code execution vulnerability. A flaw is present in the application, which does not properly validate the path used for loading external libraries. Successful ex ... oval:org.secpod.oval:def:18536 The host is installed with Microsoft Office 2013 and is prone to a microsoft office chinese grammar checking vulnerability. A flaw is present in the application, which does not properly validate the path used for loading external libraries. Successful exploitation could allow attackers to execute ar ... oval:org.secpod.oval:def:39803 The host is missing a critical security update KB3178710 oval:org.secpod.oval:def:41228 The host is missing an important security update KB3213555 oval:org.secpod.oval:def:41000 The host is missing a moderate severity security update KB3162051 oval:org.secpod.oval:def:41001 The host is missing an important security update KB3203392 oval:org.secpod.oval:def:62593 The host is missing an important security update for KB4484260 oval:org.secpod.oval:def:16178 The host is installed with Microsoft Office 2013 and is prone to a token hijacking vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted response while attempting to open an Office file hosted on the malicious website. Successful exploitation could a ... oval:org.secpod.oval:def:16179 The host is missing an important security update according to Microsoft security bulletin, MS13-104. The updated is required to fix a token hijacking vulnerability. A flaw is present in the application, which fails to properly handle a specially crafted response while attempting to open an Office fi ... oval:org.secpod.oval:def:26546 The host is missing a critical security update according to Microsoft bulletin, MS15-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory or handle a specially crafted Office file. An attacker who succ ... oval:org.secpod.oval:def:62587 The host is missing an important security update for KB4484229 oval:org.secpod.oval:def:15652 The host is missing an important security update according to Microsoft bulletin, MS13-085. The update is required to fix remote code execution vulnerability. The flaw is present in the application, which fails to handle certain objects in memory while parsing specially crafted Office files. Success ... oval:org.secpod.oval:def:15653 The host is installed with Microsoft Office for Mac 2011 and is prone to remote code execution vulnerability. The flaw is present in the application, which fails to handle certain objects in memory while parsing specially crafted Office files. Successful exploitation allows attackers to execute arbi ... oval:org.secpod.oval:def:15656 The application Microsoft Office 2013 is installed. oval:org.secpod.oval:def:15657 The host is installed with Microsoft Excel SP3, Office 2007 SP3, Office 2010 SP1/SP2, Office 2013, Excel Viewer 2007, Office Compatibility Pack SP3, Office Web Apps 2010,SharePoint Server 2007 SP3, SharePoint Server 2010 SP1/SP2, SharePoint Server 2013 and is prone to remote code execution vulnerabi ... oval:org.secpod.oval:def:15654 The host is missing an important security update according to Microsoft security bulletin, MS13-085. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle certain objects in memory while parsing specially crafted ... oval:org.secpod.oval:def:57342 The host is missing an important security update for KB4464558 oval:org.secpod.oval:def:57341 The host is missing an important security update for KB4464543 oval:org.secpod.oval:def:57337 The host is missing an important security update for KB4018375 oval:org.secpod.oval:def:15991 The host is missing a critical security update according to Microsoft security bulletin, MS13-091. The update is required to fix multiple buffer overflow vulnerabilities. The flaws are present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation ... oval:org.secpod.oval:def:40524 The host is missing an important security update KB3191885 oval:org.secpod.oval:def:63766 The host is missing an important security update for KB4484351 oval:org.secpod.oval:def:62570 The host is missing an important security update for KB4011104 oval:org.secpod.oval:def:49124 The host is missing an important security update for KB4022237 oval:org.secpod.oval:def:62580 The host is missing a security update 4484117 oval:org.secpod.oval:def:26550 The host is installed with Microsoft Office 2007, 2010 or 2013 and is prone to a malformed EPS file vulnerability. A flaw is present in the applications, which fails to properly handle a specially crafted EPS file. An attacker who successfully exploited this vulnerability could take control of the a ... oval:org.secpod.oval:def:38344 The host is installed with Microsoft Office 2007, 2010, 2013 or Word Viewer and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly initializes affected variables. Successful exploitation could allow attackers to disclose sensitive information ... oval:org.secpod.oval:def:41041 The host is missing security update. oval:org.secpod.oval:def:40513 The host is missing an important security update KB3172458 oval:org.secpod.oval:def:40999 The host is missing a moderate severity security update KB3203386 oval:org.secpod.oval:def:54204 The host is missing an important security update for KB4462204 oval:org.secpod.oval:def:54211 The host is missing an important security update for KB4464504 oval:org.secpod.oval:def:54736 The host is missing an important security update for KB4464561 oval:org.secpod.oval:def:31394 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present i ... oval:org.secpod.oval:def:33268 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1 or Office 2016 and is prone to a security feature bypass vulnerability. A flaw is present in the applications, which fail to handle an invalidly signed binary. An attacker who successfully exploited the vulnerabil ... oval:org.secpod.oval:def:38343 The host is installed with Microsoft Office 2010, 2013 or 2016 and is prone to an OLE dll side loading vulnerability. A flaw is present in the applications, which improperly validates input before loading libraries. Successful exploitation could allow attackers to take control of an affected system. oval:org.secpod.oval:def:39758 A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or creat ... oval:org.secpod.oval:def:40980 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40981 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40982 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:41222 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42396 The host is missing Defense in Depth Update according to security advisory ADV170017. oval:org.secpod.oval:def:42734 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45028 The host is missing an important security update for KB4018330 oval:org.secpod.oval:def:44957 A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete d ... oval:org.secpod.oval:def:83897 The host is missing an important security update for KB5002166 oval:org.secpod.oval:def:40466 A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could ... oval:org.secpod.oval:def:40468 A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could ... oval:org.secpod.oval:def:37971 The host is missing an important security update according to Microsoft security bulletin, MS16-133. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:37969 The host is installed with Microsoft Office 2007, 2010, 2013 or 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:32603 The host is installed with Microsoft Office 2007, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2016, Excel 2016, PowerPoint ... oval:org.secpod.oval:def:32602 The host is installed with Microsoft Office 2007, Office 2010, Office 2013, Office 2016 or Word Viewer and is prone to a memory corruption vulnerability. The flaws are present in the applications, which fail to handle objects in memory. An attacker who successfully exploited these vulnerabilities co ... oval:org.secpod.oval:def:32607 The host is missing a critical security update according to Microsoft security bulletin, MS16-004. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploit ... oval:org.secpod.oval:def:34345 The host is installed with Microsoft Office 2013 or 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:34344 The host is missing a critical security update according to Microsoft security bulletin, MS16-054. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:37077 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server ... oval:org.secpod.oval:def:37076 The host is installed with Microsoft Office 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly export a users private key from the certificate store while saving a document. Successful exploitation could all ... oval:org.secpod.oval:def:37074 The host is installed with Microsoft Office 2013 SP1 or 2016 and is prone to an ASLR protection mechanism bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted application. Successful exploitation could allow attackers to bypass the ASLR protection mechanism. oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:43169 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:41548 A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to ... oval:org.secpod.oval:def:41549 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data.To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:41550 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:43198 The host is missing an important security update KB4011277 oval:org.secpod.oval:def:40971 A remote code execution vulnerability exists when Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:38336 The host is missing a critical security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could allow a ... oval:org.secpod.oval:def:43879 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:43877 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:43518 ADV180003 : Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. oval:org.secpod.oval:def:45398 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45399 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45036 The host is missing an important security update for KB4018288 oval:org.secpod.oval:def:45394 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45395 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45465 The host is missing an important security update for KB3172436 oval:org.secpod.oval:def:44955 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:44959 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43492 The host is missing an important security update 4011580 oval:org.secpod.oval:def:46038 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:43442 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43447 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43445 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43449 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43448 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43450 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43453 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43452 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43451 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43579 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43582 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43581 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43580 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:46063 The host is missing an important security update for KB4022182 oval:org.secpod.oval:def:47208 The host is missing an important security update for KB4032239 oval:org.secpod.oval:def:49075 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:47955 The host is missing an important security update for KB4461445 oval:org.secpod.oval:def:50108 The host is missing an important security update for KB3172522 oval:org.secpod.oval:def:47124 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:47922 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:47921 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on w ... oval:org.secpod.oval:def:47923 A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with ad ... oval:org.secpod.oval:def:57247 A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents. An attacker who successfully exploited this vulnerability could read or write information in Office documents. The security update addresses the vulnerab ... oval:org.secpod.oval:def:50062 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:54660 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:57249 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:54659 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:58906 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:59697 The host is missing an important security update for KB4484119 oval:org.secpod.oval:def:58534 The host is missing an important security update for KB4475607 oval:org.secpod.oval:def:60623 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:58437 A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit ... oval:org.secpod.oval:def:50691 A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials. An attacker who successfully exploited this vulnerability could perform a phishing attack. Th ... oval:org.secpod.oval:def:50698 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:58977 The host is missing an important security update for KB4475558 oval:org.secpod.oval:def:59703 The host is missing an important security update for KB4484152 oval:org.secpod.oval:def:59853 An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attack ... oval:org.secpod.oval:def:59854 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:58523 The host is missing an important security update for KB4475611 oval:org.secpod.oval:def:59850 An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attack ... oval:org.secpod.oval:def:50111 The host is missing an important security update for KB4461537 oval:org.secpod.oval:def:50777 The host is missing an important security update for KB4018300 oval:org.secpod.oval:def:50785 The host is missing an important security update for KB4462138 oval:org.secpod.oval:def:54123 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54124 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54121 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54118 A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded. The update addr ... oval:org.secpod.oval:def:62493 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:62492 A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the syst ... oval:org.secpod.oval:def:63647 A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted ... oval:org.secpod.oval:def:62506 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:62517 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:77637 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:76463 The host is missing an important security update for KB5002104 oval:org.secpod.oval:def:76461 The host is missing an important security update for KB5002101 oval:org.secpod.oval:def:76405 Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76403 Microsoft Office Trust Center Spoofing Vulnerability oval:org.secpod.oval:def:82638 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:83861 Microsoft PowerPoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:82732 The host is missing an important security update for KB4462142 oval:org.secpod.oval:def:71861 The host is missing an important security update 5001925 oval:org.secpod.oval:def:71802 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:91839 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. oval:org.secpod.oval:def:75334 The host is missing a critical security update 5001985 oval:org.secpod.oval:def:75286 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75285 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:75284 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73241 The host is missing an important security update 5001953 oval:org.secpod.oval:def:73210 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:73211 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:73243 The host is missing an important security update 5001955 oval:org.secpod.oval:def:73208 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:81887 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:81937 The host is missing an important security update for KB5002121 oval:org.secpod.oval:def:77634 Microsoft Office Remote Code Execution Vulnerability. Successfully exploitation allows an attacker to read uninitialized memory. oval:org.secpod.oval:def:76449 The host is missing an important security update 4486726 oval:org.secpod.oval:def:76404 Visual Basic for Applications Information Disclosure Vulnerability oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:36750 The host is missing a critical security update according to Microsoft security bulletin, MS16-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:36749 The host is installed with Microsoft Office 2007, 2010 or 2013 and is prone to a graphics component memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle objects in memory. An attacker who successfully exploited the vulnerabilities could run arbitrary ... oval:org.secpod.oval:def:36745 The host is installed with Microsoft Office 2007, 2010, 2013, 2016 or Word Viewer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle objects in memory. An attacker who successfully exploited the vulnerabilities could run arbitrary ... oval:org.secpod.oval:def:78711 Microsoft Excel Remote Code Execution Vulnerability. oval:org.secpod.oval:def:58055 The host is missing an important security update 4464599 oval:org.secpod.oval:def:93090 The host is missing an important security update for KB5002477 oval:org.secpod.oval:def:88126 The host is missing an important security update for KB5002198 oval:org.secpod.oval:def:88033 Microsoft Excel Spoofing Vulnerability. oval:org.secpod.oval:def:90901 The host is missing a security update 5002400 oval:org.secpod.oval:def:90775 Microsoft Office Graphics Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90898 The host is missing a security update 5001952 oval:org.secpod.oval:def:90900 The host is missing a security update 5002069 oval:org.secpod.oval:def:90895 The host is missing a security update 4464506 oval:org.secpod.oval:def:90777 Microsoft Outlook Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90776 Microsoft ActiveX Remote Code Execution Vulnerability. oval:org.secpod.oval:def:77054 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77053 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:77122 The host is missing a critical security update 5002124 oval:org.secpod.oval:def:77120 The host is missing an important security update 5002119 oval:org.secpod.oval:def:77106 The host is missing a critical security update 4462205 oval:org.secpod.oval:def:77111 The host is missing a critical security update 5002064 oval:org.secpod.oval:def:75804 Microsoft Excel Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75857 The host is missing an important security update 5002035 oval:org.secpod.oval:def:75805 Microsoft Access Remote Code Execution Vulnerability oval:org.secpod.oval:def:75858 The host is missing an important security update 5002038 oval:org.secpod.oval:def:74925 The host is missing an important security update for KB5002007 oval:org.secpod.oval:def:74878 Microsoft Office Spoofing Vulnerability oval:org.secpod.oval:def:74920 The host is missing an important security update for KB4484108 oval:org.secpod.oval:def:74868 Microsoft Office Spoofing Vulnerability oval:org.secpod.oval:def:74921 The host is missing an important security update 5001958 oval:org.secpod.oval:def:74867 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:73858 The host is missing an important security update for KB5001983 oval:org.secpod.oval:def:73731 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:71799 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:71798 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71797 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:71862 The host is missing an important security update 5001927 oval:org.secpod.oval:def:71852 The host is missing an important security update 4464542 oval:org.secpod.oval:def:71803 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:71800 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71041 The host is missing an important security update for KB4504727 oval:org.secpod.oval:def:71057 The host is missing an important security update for KB3178643 oval:org.secpod.oval:def:71056 The host is missing an important security update for KB3178639 oval:org.secpod.oval:def:71045 The host is missing an important security update for KB4504726 oval:org.secpod.oval:def:70926 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:69977 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:69982 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:69980 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:70075 The host is missing an important security update for KB4493228 oval:org.secpod.oval:def:70070 The host is missing an important security update for KB4493203 oval:org.secpod.oval:def:69974 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:68262 The host is missing an important security update for KB4486759 oval:org.secpod.oval:def:68167 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:68263 The host is missing an important security update for KB4486762 oval:org.secpod.oval:def:68164 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:66962 The host is missing an important security update for KB4486725 oval:org.secpod.oval:def:66912 The host is installed with Microsoft Office products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an issue in the connectivity engine. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66953 The host is missing an important security update for KB4484520 oval:org.secpod.oval:def:66910 The host is installed with Microsoft Office products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an issue in the connectivity engine. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66050 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:66138 The host is missing an important security update for KB4486688 oval:org.secpod.oval:def:66033 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66032 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66127 The host is missing an important security update for KB4484435 oval:org.secpod.oval:def:65540 The host is missing an important security update for KB4484517 oval:org.secpod.oval:def:65375 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65526 The host is missing an important security update for KB4484469 oval:org.secpod.oval:def:65366 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64924 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:64959 The host is missing an important security update for KB4484359 oval:org.secpod.oval:def:64912 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64913 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64914 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64915 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:64958 The host is missing an important security update for KB4484354 oval:org.secpod.oval:def:70927 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:15993 The host is installed with Microsoft Microsoft Office 2003 SP3, 2007 SP3, 2010 SP1/SP2 or 2013 and is prone to a stack-based buffer overflow vulnerability. The flaw is present in the application, which fails to handle crafted WordPerfect document (.wpd) file. Successful exploitation could allow atta ... oval:org.secpod.oval:def:50057 A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnera ... oval:org.secpod.oval:def:50700 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50697 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50699 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:58430 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58053 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:71854 The host is missing an important security update 4493206 oval:org.secpod.oval:def:71804 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:75328 The host is missing an important security update 4018332 oval:org.secpod.oval:def:75283 Rich Text Edit Control Information Disclosure Vulnerability oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... |
