Download
| Alert*
|
oval:org.secpod.oval:def:42088
The host is missing an important security update KB3213626 oval:org.secpod.oval:def:42091 The host is missing an important security update KB3213646 oval:org.secpod.oval:def:42754 The host is missing an important security update KB3162047 oval:org.secpod.oval:def:42753 The host is missing an important security update KB2553204 oval:org.secpod.oval:def:42767 The host is missing an important security update 4011276 oval:org.secpod.oval:def:43507 The host is missing an important security update 4011656 oval:org.secpod.oval:def:43503 The host is missing an important security update 4011636 oval:org.secpod.oval:def:43913 The host is missing an important security update for KB4011715 oval:org.secpod.oval:def:43911 The host is missing an important security update for KB4011690 oval:org.secpod.oval:def:43904 The host is missing an important security update for KB3172459 oval:org.secpod.oval:def:60686 The host is missing an important security update for KB4484221 oval:org.secpod.oval:def:41228 The host is missing an important security update KB3213555 oval:org.secpod.oval:def:41231 The host is missing an important security update KB3213640 oval:org.secpod.oval:def:41232 The host is missing an important security update KB3213624 oval:org.secpod.oval:def:41000 The host is missing a moderate severity security update KB3162051 oval:org.secpod.oval:def:41001 The host is missing an important security update KB3203392 oval:org.secpod.oval:def:62592 The host is missing an important security update for KB4484258 oval:org.secpod.oval:def:62585 The host is missing a security update 4484214 oval:org.secpod.oval:def:63765 The host is missing an important security update for KB4484342 oval:org.secpod.oval:def:40524 The host is missing an important security update KB3191885 oval:org.secpod.oval:def:40528 The host is missing an important security update KB3191899 oval:org.secpod.oval:def:40527 The host is missing an important security update KB3191895 oval:org.secpod.oval:def:62570 The host is missing an important security update for KB4011104 oval:org.secpod.oval:def:62568 The host is missing an important security update for KB3203462 oval:org.secpod.oval:def:62566 The host is missing an important security update for KB3128012 oval:org.secpod.oval:def:49124 The host is missing an important security update for KB4022237 oval:org.secpod.oval:def:39797 The host is missing a critical security update KB3141529 oval:org.secpod.oval:def:39798 The host is missing a critical security update KB3141538 oval:org.secpod.oval:def:40990 A remote code execution vulnerability exist in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. oval:org.secpod.oval:def:40993 The host is missing security update for KB3212223 oval:org.secpod.oval:def:40510 The host is missing an important security update KB2596904 oval:org.secpod.oval:def:40994 The host is missing a moderate severity security update KB3203436 oval:org.secpod.oval:def:40991 A remote code execution vulnerability exist in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. oval:org.secpod.oval:def:40513 The host is missing an important security update KB3172458 oval:org.secpod.oval:def:40997 The host is missing a moderate severity security update KB3118389 oval:org.secpod.oval:def:40998 The host is missing an important security update KB3203461 oval:org.secpod.oval:def:40511 The host is missing an important security update KB3118310 oval:org.secpod.oval:def:40995 The host is missing an important security update KB3118304 oval:org.secpod.oval:def:40996 The host is missing a moderate severity security update KB3203460 oval:org.secpod.oval:def:40999 The host is missing a moderate severity security update KB3203386 oval:org.secpod.oval:def:39803 The host is missing a critical security update KB3178710 oval:org.secpod.oval:def:62602 The host is missing an important security update for KB4484287 oval:org.secpod.oval:def:57342 The host is missing an important security update for KB4464558 oval:org.secpod.oval:def:57341 The host is missing an important security update for KB4464543 oval:org.secpod.oval:def:57337 The host is missing an important security update for KB4018375 oval:org.secpod.oval:def:41041 The host is missing security update. oval:org.secpod.oval:def:54204 The host is missing an important security update for KB4462204 oval:org.secpod.oval:def:54206 The host is missing an important security update for KB4462213 oval:org.secpod.oval:def:54211 The host is missing an important security update for KB4464504 oval:org.secpod.oval:def:54210 The host is missing an important security update for KB4462242 oval:org.secpod.oval:def:54736 The host is missing an important security update for KB4464561 oval:org.secpod.oval:def:54735 The host is missing an important security update for KB4464551 oval:org.secpod.oval:def:57338 The host is missing an important security update for KB4461539 oval:org.secpod.oval:def:57340 The host is missing an important security update for KB4464534 oval:org.secpod.oval:def:57349 The host is missing an important security update for KB4475514 oval:org.secpod.oval:def:49123 The host is missing an important security update for KB4022232 oval:org.secpod.oval:def:31394 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present i ... oval:org.secpod.oval:def:33268 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1 or Office 2016 and is prone to a security feature bypass vulnerability. A flaw is present in the applications, which fail to handle an invalidly signed binary. An attacker who successfully exploited the vulnerabil ... oval:org.secpod.oval:def:38343 The host is installed with Microsoft Office 2010, 2013 or 2016 and is prone to an OLE dll side loading vulnerability. A flaw is present in the applications, which improperly validates input before loading libraries. Successful exploitation could allow attackers to take control of an affected system. oval:org.secpod.oval:def:39758 A remote code execution vulnerability exists in the way that Microsoft Office and WordPad parse specially crafted files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or creat ... oval:org.secpod.oval:def:39801 The host is missing security update for KB3178702. oval:org.secpod.oval:def:39802 The host is missing a critical security update KB3178703 oval:org.secpod.oval:def:40520 The host is missing an important security update KB3191863 oval:org.secpod.oval:def:40523 The host is missing an important security update KB3191881 oval:org.secpod.oval:def:40980 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40981 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40982 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:41002 The host is missing a moderate severity security update KB3191944 oval:org.secpod.oval:def:41003 The host is missing a moderate severity security update KB3191943 oval:org.secpod.oval:def:41004 The host is missing a moderate severity security update KB3191882 oval:org.secpod.oval:def:41005 The host is missing a moderate severity security update KB3178667 oval:org.secpod.oval:def:41222 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:41233 The host is missing an important security update KB3213545 oval:org.secpod.oval:def:42049 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42053 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42122 The host is missing an important security update KB3203474 oval:org.secpod.oval:def:42396 The host is missing Defense in Depth Update according to security advisory ADV170017. oval:org.secpod.oval:def:42734 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:42760 The host is missing an important security update KB4011262 oval:org.secpod.oval:def:43502 The host is missing an important security update 4011632 oval:org.secpod.oval:def:43905 The host is missing an important security update for KB4011686 oval:org.secpod.oval:def:43910 The host is missing an important security update for KB4011143 oval:org.secpod.oval:def:44957 A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete d ... oval:org.secpod.oval:def:45028 The host is missing an important security update for KB4018330 oval:org.secpod.oval:def:45016 The host is missing an important security update for KB4018328 oval:org.secpod.oval:def:44952 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:45033 The host is missing an important security update for KB4011628 oval:org.secpod.oval:def:40466 A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could ... oval:org.secpod.oval:def:40468 A remote code execution vulnerability exists in Microsoft Office that could be exploited when a user opens a file containing a malformed graphics image or when a user inserts a malformed graphics image into an Office file. Such a file could also be included in an email attachment. An attacker could ... oval:org.secpod.oval:def:37971 The host is missing an important security update according to Microsoft security bulletin, MS16-133. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:37969 The host is installed with Microsoft Office 2007, 2010, 2013 or 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:35630 The host is missing a critical security update according to Microsoft security bulletin, MS16-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:32615 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:32617 The host is missing a critical security update according to Microsoft security bulletin, MS16-004. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle objects in memory. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:32603 The host is installed with Microsoft Office 2007, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2016, Excel 2016, PowerPoint ... oval:org.secpod.oval:def:32602 The host is installed with Microsoft Office 2007, Office 2010, Office 2013, Office 2016 or Word Viewer and is prone to a memory corruption vulnerability. The flaws are present in the applications, which fail to handle objects in memory. An attacker who successfully exploited these vulnerabilities co ... oval:org.secpod.oval:def:32607 The host is missing a critical security update according to Microsoft security bulletin, MS16-004. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploit ... oval:org.secpod.oval:def:35577 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35578 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:34345 The host is installed with Microsoft Office 2013 or 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:34344 The host is missing a critical security update according to Microsoft security bulletin, MS16-054. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:35633 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:37077 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server ... oval:org.secpod.oval:def:37076 The host is installed with Microsoft Office 2007, 2010, 2013 or 2016 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to properly export a users private key from the certificate store while saving a document. Successful exploitation could all ... oval:org.secpod.oval:def:37074 The host is installed with Microsoft Office 2013 SP1 or 2016 and is prone to an ASLR protection mechanism bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted application. Successful exploitation could allow attackers to bypass the ASLR protection mechanism. oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:41548 A security feature bypass vulnerability exists when Microsoft Office Outlook improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands.In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to ... oval:org.secpod.oval:def:41549 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data.To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:41550 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:37091 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted office file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37087 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. Successful exploitation could allow attackers to run arbitrary ... oval:org.secpod.oval:def:40971 A remote code execution vulnerability exists when Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete da ... oval:org.secpod.oval:def:38345 The host is installed with Microsoft Office 2016 and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:40985 A remote code execution vulnerability exists when Skype for Business and Microsoft Lync Servers fail to properly sanitize specially crafted content.An authenticated attacker who successfully exploited this vulnerability could execute HTML and JavaScript content in the Skype for Business or Lync cont ... oval:org.secpod.oval:def:38336 The host is missing a critical security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could allow a ... oval:org.secpod.oval:def:43169 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:43170 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:43172 An information disclosure vulnerability exists when Microsoft Outlook fails to enforce copy/paste permissions on DRM-protected emails. An attacker who successfully exploited the vulnerability could potentially extract plaintext content from DRM-protected draft emails. The attacker would have to use ... oval:org.secpod.oval:def:43196 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. The update disables the Dynamic Update Exchange protocol (DDE) in all supported editions of Microsoft Word. oval:org.secpod.oval:def:43199 The host is missing an important security update KB4011095 oval:org.secpod.oval:def:43198 The host is missing an important security update KB4011277 oval:org.secpod.oval:def:31371 Microsoft 365 Apps for Enterprise is installed oval:org.secpod.oval:def:42376 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:41042 The host is missing security update. oval:org.secpod.oval:def:43876 An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message s ... oval:org.secpod.oval:def:43875 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:43879 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:43878 A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative u ... oval:org.secpod.oval:def:43877 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:43518 ADV180003 : Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. oval:org.secpod.oval:def:44950 An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerabil ... oval:org.secpod.oval:def:44955 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:44959 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:46036 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:46038 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:46034 An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly. An attacker who successfully exploited the vulnerability could send an email with hidden attachments that would be opened or executed once a victim clicks a link within the email. Not ... oval:org.secpod.oval:def:46062 The host is missing an important security update for KB4022177 oval:org.secpod.oval:def:46063 The host is missing an important security update for KB4022182 oval:org.secpod.oval:def:46357 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45029 The host is missing an important security update for KB4018319 oval:org.secpod.oval:def:46360 A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails. An attacker could exploit the vulnerability by sending a specially crafted email and attachment to a victim, or by hosting a malicious .eml file on a web server. The ... oval:org.secpod.oval:def:45398 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45399 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45036 The host is missing an important security update for KB4018288 oval:org.secpod.oval:def:45394 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45395 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45396 A security feature bypass vulnerability exists when the Microsoft Outlook attachment block filter does not properly handle attachments. An attacker who successfully exploited the vulnerability could execute arbitrary commands. The security feature bypass by itself does not allow arbitrary code execu ... oval:org.secpod.oval:def:45465 The host is missing an important security update for KB3172436 oval:org.secpod.oval:def:45461 The host is missing an important security update for KB4018327 oval:org.secpod.oval:def:45463 The host is missing an important security update for KB2899590 oval:org.secpod.oval:def:44586 A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43492 The host is missing an important security update 4011580 oval:org.secpod.oval:def:44587 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:43499 The host is missing an important security update 4011574 oval:org.secpod.oval:def:44597 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:43439 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43438 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:43443 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43442 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43441 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43440 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:43447 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43445 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43449 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43448 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43450 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43453 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43452 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43451 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43579 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43582 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43581 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43580 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45400 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45401 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:49064 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:49065 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:49068 An information disclosure vulnerability exists when Microsoft Outlook fails to respect Default link type settings configured via the SharePoint Online Admin Center. A malicious user could potentially share anonymously-accessible links to other users via email where these links are intended to be acc ... oval:org.secpod.oval:def:49077 An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this vulnerability, an atta ... oval:org.secpod.oval:def:49078 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or cr ... oval:org.secpod.oval:def:49075 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49073 A remote code execution vulnerability exists in Microsoft Project software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:49074 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:49071 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:49072 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:50108 The host is missing an important security update for KB3172522 oval:org.secpod.oval:def:50109 The host is missing an important security update for KB4022162 oval:org.secpod.oval:def:47124 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:47207 The host is missing an important security update for KB4032233 oval:org.secpod.oval:def:47208 The host is missing an important security update for KB4032239 oval:org.secpod.oval:def:46362 A remote code execution vulnerability exists when Microsoft Access fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new acco ... oval:org.secpod.oval:def:47467 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet. To exploit the vulnerability, an attacker could craft a special doc ... oval:org.secpod.oval:def:47468 A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploit the vulnerability, an attacker must entice the us ... oval:org.secpod.oval:def:47464 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49709 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49708 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:49712 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:49710 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:49711 An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerabi ... oval:org.secpod.oval:def:49714 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:47955 The host is missing an important security update for KB4461445 oval:org.secpod.oval:def:47954 The host is missing an important security update for KB4461437 oval:org.secpod.oval:def:47922 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:47921 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on w ... oval:org.secpod.oval:def:47923 A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with ad ... oval:org.secpod.oval:def:50061 An information disclosure vulnerability exists when Microsoft Outlook improperly handles certain types of messages. An attacker who successfully exploited this vulnerability could gather information about the victim. An attacker could exploit this vulnerability by sending a specially crafted email t ... oval:org.secpod.oval:def:50062 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:50063 An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker who successfully exploited this vulnerability could read arbitrary files from a targeted system. To exploit the vulnerability, an attacker could craft a special document file and convinc ... oval:org.secpod.oval:def:54660 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:54659 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54666 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58906 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:58902 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:61282 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:61281 An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM. To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific ... oval:org.secpod.oval:def:61280 A security feature bypass vulnerability exists in Microsoft Outlook software when it improperly handles the parsing of URI formats. The security feature bypass by itself does not allow arbitrary code execution. However, to successfully exploit the vulnerability, an attacker would have to use it in c ... oval:org.secpod.oval:def:50691 A security feature bypass vulnerability exists when Microsoft Office does not validate URLs. An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials. An attacker who successfully exploited this vulnerability could perform a phishing attack. Th ... oval:org.secpod.oval:def:50695 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:50698 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50110 The host is missing an important security update for KB4461535 oval:org.secpod.oval:def:50776 The host is missing an important security update for KB4018294 oval:org.secpod.oval:def:50777 The host is missing an important security update for KB4018300 oval:org.secpod.oval:def:50785 The host is missing an important security update for KB4462138 oval:org.secpod.oval:def:50788 The host is missing an important security update for KB4462146 oval:org.secpod.oval:def:57248 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:57247 A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents. An attacker who successfully exploited this vulnerability could read or write information in Office documents. The security update addresses the vulnerab ... oval:org.secpod.oval:def:57250 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:57249 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:59696 The host is missing an important security update for KB4484113 oval:org.secpod.oval:def:59697 The host is missing an important security update for KB4484119 oval:org.secpod.oval:def:58534 The host is missing an important security update for KB4475607 oval:org.secpod.oval:def:58531 The host is missing an important security update for KB4475583 oval:org.secpod.oval:def:58525 The host is missing an important security update for KB4475591 oval:org.secpod.oval:def:58436 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:60623 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:60624 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:60621 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:60622 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:61831 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61830 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58440 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:58437 A security feature bypass vulnerability exists when Microsoft Office improperly handles input. An attacker who successfully exploited the vulnerability could execute arbitrary commands. In a file-sharing attack scenario, an attacker could provide a specially crafted document file designed to exploit ... oval:org.secpod.oval:def:59701 The host is missing an important security update for KB4484148 oval:org.secpod.oval:def:54125 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:55356 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58976 The host is missing an important security update for KB4475554 oval:org.secpod.oval:def:58977 The host is missing an important security update for KB4475558 oval:org.secpod.oval:def:59703 The host is missing an important security update for KB4484152 oval:org.secpod.oval:def:55357 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:59852 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:59853 An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attack ... oval:org.secpod.oval:def:59854 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:58523 The host is missing an important security update for KB4475611 oval:org.secpod.oval:def:59850 An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attack ... oval:org.secpod.oval:def:59851 A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specia ... oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:57862 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:57861 A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative u ... oval:org.secpod.oval:def:54123 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54124 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54121 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:54122 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:57867 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:57866 An elevation of privilege vulnerability exists when Microsoft Outlook initiates processing of incoming messages without sufficient validation of the formatting of the messages. An attacker who successfully exploited the vulnerability could attempt to force Outlook to load a local or remote message s ... oval:org.secpod.oval:def:54118 A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files. To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded. The update addr ... oval:org.secpod.oval:def:54119 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted f ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:62493 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:62492 A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the syst ... oval:org.secpod.oval:def:63645 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:63646 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:63647 A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted ... oval:org.secpod.oval:def:63654 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:63655 An information disclosure vulnerability exists when Microsoft Project reads out of bound memory due to an uninitialized variable. An attacker who successfully exploited the vulnerability could view out of bound memory that potentially could contain sensitive information. Exploitation of the vulnerab ... oval:org.secpod.oval:def:62506 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:62517 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:62515 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:62829 The host is missing an important security update for ADV200004 oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61833 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:63079 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64197 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:64199 A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the ... oval:org.secpod.oval:def:64213 A remote code execution vulnerability exists when Microsoft Office improperly validates input before loading dynamic link library (DLL) files. An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64208 A remote code execution vulnerability exists in Microsoft Project software when the software fails to check the source markup of a file. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with adminis ... oval:org.secpod.oval:def:77638 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:77637 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:77636 Microsoft Office ClickToRun Remote Code Execution Vulnerability oval:org.secpod.oval:def:78712 Microsoft Excel Remote Code Execution Vulnerability. oval:org.secpod.oval:def:76405 Microsoft Jet Red Database Engine and Access Connectivity Engine Elevation of Privilege Vulnerability oval:org.secpod.oval:def:76403 Microsoft Office Trust Center Spoofing Vulnerability oval:org.secpod.oval:def:76402 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:76401 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:82637 Microsoft Outlook Denial of Service Vulnerability oval:org.secpod.oval:def:82636 Microsoft Excel Security Feature Bypass Vulnerability oval:org.secpod.oval:def:78039 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:78035 Microsoft Office Word Tampering Vulnerability oval:org.secpod.oval:def:78036 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:78037 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:78038 Microsoft Word Security Feature Bypass Vulnerability oval:org.secpod.oval:def:82638 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:83862 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:83863 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:83861 Microsoft PowerPoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:86121 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86120 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86123 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86122 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86118 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86119 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86128 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:86125 Microsoft Office OneNote Remote Code Execution Vulnerability oval:org.secpod.oval:def:86124 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:86127 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:86126 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:71859 The host is missing an important security update 5001920 oval:org.secpod.oval:def:71802 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:91839 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. oval:org.secpod.oval:def:75282 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:75281 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75289 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:75290 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:75288 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75333 The host is missing an important security update 5001982 oval:org.secpod.oval:def:75287 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75286 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75285 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:75284 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73209 Microsoft Outlook Remote Code Execution Vulnerability oval:org.secpod.oval:def:73239 The host is missing an important security update 5001950 oval:org.secpod.oval:def:73210 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:73211 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:73240 The host is missing an important security update 5001951 oval:org.secpod.oval:def:73208 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:81887 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:77634 Microsoft Office Remote Code Execution Vulnerability. Successfully exploitation allows an attacker to read uninitialized memory. oval:org.secpod.oval:def:76404 Visual Basic for Applications Information Disclosure Vulnerability oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:36750 The host is missing a critical security update according to Microsoft security bulletin, MS16-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:36745 The host is installed with Microsoft Office 2007, 2010, 2013, 2016 or Word Viewer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle objects in memory. An attacker who successfully exploited the vulnerabilities could run arbitrary ... oval:org.secpod.oval:def:77633 Microsoft Office Remote Code Execution Vulnerability. Successfully exploitation allows an attacker to read uninitialized memory. oval:org.secpod.oval:def:78711 Microsoft Excel Remote Code Execution Vulnerability. oval:org.secpod.oval:def:58054 The host is missing an important security update 4475538 oval:org.secpod.oval:def:58055 The host is missing an important security update 4464599 oval:org.secpod.oval:def:87480 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:87479 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:87477 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:88033 Microsoft Excel Spoofing Vulnerability. oval:org.secpod.oval:def:88031 Microsoft Outlook Elevation of Privilege Vulnerability oval:org.secpod.oval:def:88032 Microsoft Excel Spoofing Vulnerability. oval:org.secpod.oval:def:89705 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:88931 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:88929 Microsoft Publisher Remote Code Execution Vulnerability oval:org.secpod.oval:def:88930 Microsoft Publisher Remote Code Execution Vulnerability oval:org.secpod.oval:def:88932 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:89703 Microsoft Access Denial of Service Vulnerability oval:org.secpod.oval:def:89704 Microsoft Word Security Feature Bypass Vulnerability oval:org.secpod.oval:def:89702 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:90334 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:90335 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:90337 Microsoft Outlook Remote Code Execution Vulnerability oval:org.secpod.oval:def:90338 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:90775 Microsoft Office Graphics Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90773 Microsoft Office Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:90769 Microsoft Outlook Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:90774 Microsoft Office Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:90777 Microsoft Outlook Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90776 Microsoft ActiveX Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90771 Microsoft Excel Remote Code Execution Vulnerability. An attacker must send the user a malicious file and convince them to open it. oval:org.secpod.oval:def:90770 Microsoft Excel Information Disclosure Vulnerability. oval:org.secpod.oval:def:90772 Microsoft Excel Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90768 Microsoft Outlook Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:95788 Microsoft Outlook Information Disclosure Vulnerability. oval:org.secpod.oval:def:95787 Microsoft Word Information Disclosure Vulnerability. oval:org.secpod.oval:def:81502 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:79933 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:79934 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:77054 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77053 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75807 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:75806 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:75804 Microsoft Excel Security Feature Bypass Vulnerability oval:org.secpod.oval:def:75805 Microsoft Access Remote Code Execution Vulnerability oval:org.secpod.oval:def:74878 Microsoft Office Spoofing Vulnerability oval:org.secpod.oval:def:74876 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:74873 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:74872 Microsoft Office Graphics Component Information Disclosure Vulnerability oval:org.secpod.oval:def:74924 The host is missing an important security update 5002005 oval:org.secpod.oval:def:74871 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:74869 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:74870 Microsoft Office Visio Remote Code Execution Vulnerability oval:org.secpod.oval:def:74868 Microsoft Office Spoofing Vulnerability oval:org.secpod.oval:def:74919 The host is missing an important security update 4484103 oval:org.secpod.oval:def:74867 Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:74922 The host is missing an important security update 5001997 oval:org.secpod.oval:def:74300 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:74299 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:73732 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73856 The host is missing an important security update for KB5001979 oval:org.secpod.oval:def:73731 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:71799 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:71798 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71797 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:71860 The host is missing an important security update 5001923 oval:org.secpod.oval:def:71803 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:71800 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71801 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:70925 Microsoft Outlook Memory Corruption Vulnerability oval:org.secpod.oval:def:70928 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:70929 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71044 The host is missing an important security update for KB4504722 oval:org.secpod.oval:def:70926 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:70069 The host is missing an important security update for KB4493200 oval:org.secpod.oval:def:70073 The host is missing an important security update for KB4493225 oval:org.secpod.oval:def:69976 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:69977 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:69981 Microsoft Office ClickToRun Remote Code Execution Vulnerability oval:org.secpod.oval:def:69982 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:69980 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:69974 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:69978 Microsoft Visio Security Feature Bypass Vulnerability oval:org.secpod.oval:def:69979 Microsoft PowerPoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:69010 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:69013 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:69012 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:68166 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:68167 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68273 The host is missing an important security update for KB4493168 oval:org.secpod.oval:def:68261 The host is missing an important security update for KB4486755 oval:org.secpod.oval:def:68164 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:67682 Microsoft Outlook Information Disclosure Vulnerability oval:org.secpod.oval:def:67731 The host is missing an important security update for KB4486757 oval:org.secpod.oval:def:67692 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:67691 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:67693 Microsoft Excel Security Feature Bypass Vulnerability oval:org.secpod.oval:def:67689 Microsoft Excel Information Disclosure Vulnerability oval:org.secpod.oval:def:67688 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:67687 Microsoft PowerPoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:67686 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:66960 The host is missing an important security update for KB4486722 oval:org.secpod.oval:def:66912 The host is installed with Microsoft Office products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an issue in the connectivity engine. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66913 The host is installed with Microsoft Office products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an issue in the connectivity engine. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66915 The host is installed with Microsoft Office products and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to cause unspecified impact. oval:org.secpod.oval:def:66952 The host is missing an important security update for KB4484508 oval:org.secpod.oval:def:66910 The host is installed with Microsoft Office products and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle an issue in the connectivity engine. Successful exploitation could allow a remote attacker to execute arbitrary code. oval:org.secpod.oval:def:66911 The host is installed with Microsoft Office 2016 and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66907 The host is installed with Microsoft Office products and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to cause unspecified impact. oval:org.secpod.oval:def:66052 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:66051 An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a speci ... oval:org.secpod.oval:def:66050 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:66136 The host is missing an important security update for KB4486682 oval:org.secpod.oval:def:66043 A remote code execution vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the System user. If the current user is logged on with administ ... oval:org.secpod.oval:def:66045 A denial of service vulnerability exists in Microsoft Outlook software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a spe ... oval:org.secpod.oval:def:66035 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66037 An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a speci ... oval:org.secpod.oval:def:66036 A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file cou ... oval:org.secpod.oval:def:66031 An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) AppVLP handles certain files. An attacker who successfully exploited the vulnerability could elevate privileges. To exploit this vulnerability, an attacker would need to convince a user to open a speci ... oval:org.secpod.oval:def:66033 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66032 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66034 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66126 The host is missing an important security update for KB4484417 oval:org.secpod.oval:def:66030 A remote code execution vulnerability exists when the Base3D rendering engine improperly handles memory. An attacker who successfully exploited the vulnerability would gain execution on a victim system. The security update addresses the vulnerability by correcting how the Base3D rendering engine han ... oval:org.secpod.oval:def:65387 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65376 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65536 The host is missing an important security update for KB4484513 oval:org.secpod.oval:def:65374 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65375 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65372 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:65525 The host is missing an important security update for KB4484466 oval:org.secpod.oval:def:65366 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64920 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64927 An elevation of privilege vulnerability exists in the way that Microsoft Office Click-to-Run (C2R) components handle objects in memory. An attacker who successfully exploited the vulnerability could elevate privileges. The attacker would need to already have the ability to execute code on the system ... oval:org.secpod.oval:def:64928 A remote code execution vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64964 The host is missing an important security update for KB4484431 oval:org.secpod.oval:def:64924 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:64957 The host is missing an important security update for KB4484346 oval:org.secpod.oval:def:64912 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64913 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64914 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64915 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:64916 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64910 A remote code execution vulnerability exists in Microsoft Outlook when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative u ... oval:org.secpod.oval:def:64911 An information disclosure vulnerability exists when attaching files to Outlook messages. This vulnerability could potentially allow users to share attached files such that they are accessible by anonymous users where they should be restricted to specific users. To exploit this vulnerability, an atta ... oval:org.secpod.oval:def:70927 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:71040 The host is missing an important security update for KB4504724 oval:org.secpod.oval:def:50057 A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input. An attacker could execute arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker who successfully exploited the vulnera ... oval:org.secpod.oval:def:50697 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50699 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:50700 A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing ... oval:org.secpod.oval:def:58053 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:58430 A remote code execution vulnerability exists when the Windows Jet Database Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system. An attacker could exploit this vulnerability by enticing a victim to open ... oval:org.secpod.oval:def:98415 Microsoft Office Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:73730 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:98913 Microsoft Office Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:49067 A denial of service vulnerability exists in Skype for Business. An attacker who successfully exploited the vulnerability could cause Skype for Business to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker's user rights. For an att ... oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:57245 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... oval:org.secpod.oval:def:98011 Microsoft Office Remote Code Execution Vulnerability. oval:org.secpod.oval:def:98008 Microsoft Outlook Elevation of Privilege Vulnerability. oval:org.secpod.oval:def:98007 Microsoft Office OneNote Remote Code Execution Vulnerability. oval:org.secpod.oval:def:98009 Microsoft Word Remote Code Execution Vulnerability. oval:org.secpod.oval:def:98006 Microsoft Outlook Remote Code Execution Vulnerability. oval:org.secpod.oval:def:96664 Microsoft Office Remote Code Execution Vulnerability. A security vulnerability exists in FBX that could lead to remote code execution. To mitigate this vulnerability, the ability to insert FBX files has been disabled in Word, Excel, PowerPoint and Outlook for Windows and Mac. Versions of Office that ... oval:org.secpod.oval:def:71853 The host is missing an important security update 4493197 oval:org.secpod.oval:def:71804 Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability oval:org.secpod.oval:def:75329 The host is missing an important security update 4461476 oval:org.secpod.oval:def:75283 Rich Text Edit Control Information Disclosure Vulnerability |
