Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:microsoft:word_automation_services:-:*:*:*:*:sharepoint:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2019-0585 |
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server. Published: January 08, 2019; 4:29:02 PM -0500 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2019-0561 |
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word. Published: January 08, 2019; 4:29:01 PM -0500 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-8378 |
An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Word, Microsoft SharePoint Server, Microsoft Office Word Viewer, Microsoft Excel Viewer, Microsoft SharePoint, Microsoft Office. Published: August 15, 2018; 1:29:07 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2018-1028 |
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server. Published: April 11, 2018; 9:29:10 PM -0400 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2017-8512 |
A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office Remote Code Execution Vulnerability". This CVE ID is unique from CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-0260, and CVE-2017-8506. Published: June 14, 2017; 9:29:03 PM -0400 |
V3.0: 8.8 HIGH V2.0: 9.3 HIGH |
CVE-2017-0105 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from out-of-bound memory via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Published: March 16, 2017; 8:59:02 PM -0400 |
V3.0: 5.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7291 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7290. Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2016-7290 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on SharePoint Server 2010 SP2, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability," a different vulnerability than CVE-2016-7291. Published: December 20, 2016; 1:59:01 AM -0500 |
V3.0: 7.1 HIGH V2.0: 5.8 MEDIUM |
CVE-2016-7233 |
Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2013 SP1, and Office Web Apps 2010 SP2 allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted Office document, aka "Microsoft Office Information Disclosure Vulnerability." Published: November 10, 2016; 1:59:46 AM -0500 |
V3.0: 6.5 MEDIUM V2.0: 4.3 MEDIUM |
CVE-2016-7193 |
Microsoft Word 2007 SP2, Office 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Word 2016, Word for Mac 2011, Word 2016 for Mac, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office Web Apps Server 2013 SP1, and Office Online Server allow remote attackers to execute arbitrary code via a crafted RTF document, aka "Microsoft Office Memory Corruption Vulnerability." Published: October 13, 2016; 10:59:38 PM -0400 |
V3.0: 7.8 HIGH V2.0: 9.3 HIGH |
CVE-2015-0064 |
Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2, Word Viewer, and Office Compatibility Pack SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Office Remote Code Execution Vulnerability." Published: February 10, 2015; 10:01:07 PM -0500 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-2528 |
Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server 2010; and Office Web Apps 2010 SP1 allows remote attackers to execute arbitrary code via a crafted RTF document, aka "RTF File listid Use-After-Free Vulnerability." Published: October 09, 2012; 5:55:02 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |