Download
| Alert*
|
oval:org.secpod.oval:def:35594
Microsoft OneNote 2016 for Mac is installed oval:org.secpod.oval:def:59637 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:43458 A spoofing vulnerability exists when Microsoft Outlook for MAC does not properly handle the encoding and display of email addresses. This improper handling and display may cause antivirus or antispam scanning to not work as intended. To exploit the vulnerability, an attacker could send a specially c ... oval:org.secpod.oval:def:45655 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly validate XML content. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:47156 An elevation of privilege vulnerability exists when the Microsoft AutoUpdate (MAU) application for Mac improperly validates updates before executing them. An attacker who successfully exploited the vulnerability who already has the ability to execute code on a system could elevate privileges. oval:org.secpod.oval:def:42083 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42377 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:54141 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. oval:org.secpod.oval:def:38321 The host is missing an important security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle objects in memory. Successful exploitation could run arbitrar ... oval:org.secpod.oval:def:64215 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64216 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. oval:org.secpod.oval:def:64217 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. oval:org.secpod.oval:def:38327 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:64218 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:38328 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:64219 A remote code execution vulnerability exists in the way that DirectWrite handles objects in memory. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with ... oval:org.secpod.oval:def:61336 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:40537 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:57258 An information disclosure vulnerability exists when Exchange allows creation of entities with Display Names having non-printable characters. An authenticated attacker could exploit this vulnerability by creating entities with invalid display names, which, when added to conversations, remain invisibl ... oval:org.secpod.oval:def:57257 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:57256 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49114 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49115 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:39353 The host is missing an important security update according to Microsoft security bulletin, MS17-014. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle objects in memory. Successful exploitation could run arbitrar ... oval:org.secpod.oval:def:39349 A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker ... oval:org.secpod.oval:def:63657 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:63658 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:63659 A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted ... oval:org.secpod.oval:def:49778 An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerabi ... oval:org.secpod.oval:def:49779 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49777 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:63660 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:41271 The host is missing security update KB3212224 oval:org.secpod.oval:def:41270 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:62491 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61839 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61838 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:40990 A remote code execution vulnerability exist in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. oval:org.secpod.oval:def:63078 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:40991 A remote code execution vulnerability exist in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. oval:org.secpod.oval:def:40992 A spoofing vulnerability exists in when Microsoft Outlook for Mac does not sanitize html or treat it in a safe manner. An attacker who successfully tricked the user could gain access to the user's authentication information or login credentials. oval:org.secpod.oval:def:57868 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:57869 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:38329 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:61841 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61840 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:42084 An information disclosure vulnerability exists in the way that the Windows Graphics Device Interface (GDI) handles objects in memory, allowing an attacker to retrieve information from a targeted system. By itself, the information disclosure does not allow arbitrary code execution; however, it could ... oval:org.secpod.oval:def:54142 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:54701 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:55362 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:60625 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:60626 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:55363 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:37990 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:37989 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:37988 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:37985 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:37984 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to properly handle objects in memory. Successful exploitation could run arbitrary code in the context of the current user. oval:org.secpod.oval:def:37983 The host is missing an important security update according to Microsoft security bulletin, MS16-133. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle objects in memory. Successful exploitation could run arbitrar ... oval:org.secpod.oval:def:37449 The host is missing an important security update according to Microsoft security bulletin, MS16-121. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted RTF files. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:37448 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted RTF files. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:43457 An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wi ... oval:org.secpod.oval:def:35966 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35964 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35965 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35962 The host is missing a critical security update according to Microsoft security bulletin, MS16-088. The update is required to fix to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. Successful exploitation could allow attac ... oval:org.secpod.oval:def:35963 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:43173 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docum ... oval:org.secpod.oval:def:37091 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle a crafted office file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37090 The host is installed with Microsoft Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37088 The host is installed with Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle a crafted office file. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37087 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. Successful exploitation could allow attackers to run arbitrary ... oval:org.secpod.oval:def:37089 The host is installed with Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:44603 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:44604 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:46382 A remote code execution vulnerability exists in Microsoft office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43454 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43456 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43455 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:45403 A remote code execution vulnerability exists in Microsoft office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45654 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:47470 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:47472 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could access information previously deleted from the active worksheet. oval:org.secpod.oval:def:47471 A remote code execution vulnerability exists when the Windows font library improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete data; ... oval:org.secpod.oval:def:50104 An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker who successfully exploited this vulnerability could read arbitrary files from a targeted system. To exploit the vulnerability, an attacker could craft a special document file and convinc ... oval:org.secpod.oval:def:50105 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58907 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:58908 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:59855 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:59856 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:59635 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:58540 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:58541 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:59636 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:50702 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:36841 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:36840 The host is installed with Microsoft Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:36839 The host is installed with Microsoft Office 2016 for Mac and is prone to an information disclosure vulnerability. A flaw is present in the application, which fails to handle crafted OneNote file. An attacker who exploited the vulnerability could use the information to compromise the users computer o ... oval:org.secpod.oval:def:36838 The host is installed with Microsoft Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:36837 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:47929 An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could obtain information that could be useful for further exploitation. To exploit the vulnerability, a user would have to o ... oval:org.secpod.oval:def:47928 A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory. An attacker who successfully exploited the vulnerability could execute arbitrary code on a target system. To exploit the vulnerability, a user would have to open a specially crafted f ... oval:org.secpod.oval:def:47155 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:42082 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42769 A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document. The security feature bypass by itself does not allow arbitrary code execution. To successfully exploit the vulnerability, an attacker would have to embed a control in an ... oval:org.secpod.oval:def:47154 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:45042 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:66068 A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file cou ... oval:org.secpod.oval:def:66069 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65508 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65506 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65507 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65505 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:65509 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. oval:org.secpod.oval:def:64930 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. oval:org.secpod.oval:def:64931 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the user's computer or data. oval:org.secpod.oval:def:64932 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64933 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... |
