Download
| Alert*
oval:org.secpod.oval:def:42388
The host is missing an important security update KB4011232 oval:org.secpod.oval:def:42395 The host is missing an important security update 3213627 oval:org.secpod.oval:def:42386 The host is missing an important security update KB3213648 oval:org.secpod.oval:def:42384 The host is missing an important security update KB3213630 oval:org.secpod.oval:def:44599 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:43509 The host is missing an important security update 4011651 oval:org.secpod.oval:def:39353 The host is missing an important security update according to Microsoft security bulletin, MS17-014. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the application, which fails to handle objects in memory. Successful exploitation could run arbitrar ... oval:org.secpod.oval:def:41006 The host is missing a moderate severity security update KB3203441 oval:org.secpod.oval:def:41007 The host is missing a moderate severity security update KB3203464 oval:org.secpod.oval:def:40537 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:49130 The host is missing an important security update for KB4461485 oval:org.secpod.oval:def:57966 The host is missing a critical security update for KB4475547 oval:org.secpod.oval:def:41030 The host is missing an important security update KB3203393 oval:org.secpod.oval:def:40990 A remote code execution vulnerability exist in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. oval:org.secpod.oval:def:40514 The host is missing an important security update KB3178729 oval:org.secpod.oval:def:40518 The host is missing an important security update KB3191843 oval:org.secpod.oval:def:40516 The host is missing an important security update KB3191836 oval:org.secpod.oval:def:55448 The host is missing an important security update for KB4464590 oval:org.secpod.oval:def:35630 The host is missing a critical security update according to Microsoft security bulletin, MS16-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:33267 The host is installed with Microsoft Word 2007, Word 2010, Word 2013, Word 2016, Office Compatibility Pack, Word Viewer, Web Apps 2010, Web Apps 2013, Sharepoint server 2010 or Sharepoint server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail ... oval:org.secpod.oval:def:32603 The host is installed with Microsoft Office 2007, Excel 2007 SP3, PowerPoint 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2010, Excel 2010 SP2, PowerPoint 2010 SP2, Visio 2010 SP2, Word 2010 SP2, Office 2013, Excel 2013 SP1, PowerPoint 2013 SP1, Word 2013 SP1, Office 2016, Excel 2016, PowerPoint ... oval:org.secpod.oval:def:34348 The host is installed with Microsoft Word 2007, 2010, 2013, 2016, Office Compatibility Pack or Word Veiwer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitra ... oval:org.secpod.oval:def:32607 The host is missing a critical security update according to Microsoft security bulletin, MS16-004. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploit ... oval:org.secpod.oval:def:34344 The host is missing a critical security update according to Microsoft security bulletin, MS16-054. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:39346 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbi ... oval:org.secpod.oval:def:39343 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:38635 The host is installed with Microsoft Word 2016 or SharePoint Server 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:38636 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute ... oval:org.secpod.oval:def:37449 The host is missing an important security update according to Microsoft security bulletin, MS16-121. The update is required to fix a memory corruption vulnerability. A flaw is present in the application, which fails to handle crafted RTF files. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:37448 The host is installed with Word for Mac 2011 or Office 2016 for Mac and is prone to a remote code execution vulnerability. A flaw is present in the application, which fails to handle crafted RTF files. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37447 The host is missing an important security update according to Microsoft security bulletin, MS16-121. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:37446 The host is installed with Microsoft Word 2007, 2010, 2013, 2016, Office compatibility pack, Word Viewer, Sharepoint Server 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. S ... oval:org.secpod.oval:def:39336 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:39339 A denial of service vulnerability exists when a specially crafted file is opened in Microsoft Office. An attacker who successfully exploited the vulnerability could cause Office to stop responding. Note that the denial of service would not allow an attacker to execute code or to elevate the attacker ... oval:org.secpod.oval:def:32921 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:32924 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016 or Office Compatibility Pack SP3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who successfully exploited these ... oval:org.secpod.oval:def:31714 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016 or Office Compatibility Pack SP3 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted Microsoft Office file. Successful exploitation could all ... oval:org.secpod.oval:def:32920 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:32926 The host is missing a critical security update according to Microsoft security bulletin, MS16-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted office file. Successful exploitation allows attackers to corrupt ... oval:org.secpod.oval:def:35633 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office ... oval:org.secpod.oval:def:31392 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016 or Word Viewer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploitation could allow attac ... oval:org.secpod.oval:def:31393 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3 or Word Viewer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle specially crafted Microsoft Office file. Successful ... oval:org.secpod.oval:def:32919 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:31709 The host is missing a critical security update according to Microsoft security bulletin, MS15-131. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploit ... oval:org.secpod.oval:def:31377 Microsoft Word 2016 is installed oval:org.secpod.oval:def:45389 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:64207 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64332 The host is missing an important security update for KB4484438 oval:org.secpod.oval:def:62610 The host is missing an important security update for KB4484300 oval:org.secpod.oval:def:45459 The host is missing an important security update for KB4018383 oval:org.secpod.oval:def:54733 The host is missing a critical security update for KB4464536 oval:org.secpod.oval:def:40469 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:40521 The host is missing an important security update KB3191865 oval:org.secpod.oval:def:63773 The host is missing an important security update for KB4484396 oval:org.secpod.oval:def:61929 The host is missing an important security update for KB4484268 oval:org.secpod.oval:def:49137 The host is missing an important security update for KB4461504 oval:org.secpod.oval:def:45451 The host is missing an important security update for KB4018396 oval:org.secpod.oval:def:43444 An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wi ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:57967 The host is missing a critical security update for KB4475540 oval:org.secpod.oval:def:41031 The host is missing an important security update KB3191945 oval:org.secpod.oval:def:42369 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:55450 The host is missing an important security update for KB4464596 oval:org.secpod.oval:def:42383 The host is missing an important security update KB4011222 oval:org.secpod.oval:def:85447 The host is missing an important security update for KB5002223 oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:35964 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35965 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:35962 The host is missing a critical security update according to Microsoft security bulletin, MS16-088. The update is required to fix to multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle objects in memory. Successful exploitation could allow attac ... oval:org.secpod.oval:def:35961 The host is missing an important security update according to Microsoft bulletin, MS16-088. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary cod ... oval:org.secpod.oval:def:35957 The host is installed with Microsoft Word 2010 SP2, Word 2013 SP1, Word 2016, Word Automation Services on SharePoint Server 2010 SP2 or Office Web Apps 2010 SP2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. ... oval:org.secpod.oval:def:35958 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, SharePoint Server 2016, Office Web Apps 2010 SP2 or ... oval:org.secpod.oval:def:35955 The host is installed with Microsoft Excel 2010 SP2, Powerpoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, Powerpoint 2013 SP1, Word 2013 SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2 or Office Web Apps 2010 SP2 and is prone to a memory corruption vulnerability. A ... oval:org.secpod.oval:def:35956 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Office Compatibility Pack SP3 or Word Viewer and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allo ... oval:org.secpod.oval:def:47968 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. oval:org.secpod.oval:def:78080 The host is missing an important security update KB5002139 oval:org.secpod.oval:def:43196 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense-in-depth measure. The update disables the Dynamic Update Exchange protocol (DDE) in all supported editions of Microsoft Word. oval:org.secpod.oval:def:45018 The host is missing an important security update for KB4018347 oval:org.secpod.oval:def:45030 The host is missing an important security update for KB4018339 oval:org.secpod.oval:def:46360 A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails. An attacker could exploit the vulnerability by sending a specially crafted email and attachment to a victim, or by hosting a malicious .eml file on a web server. The ... oval:org.secpod.oval:def:46426 The host is missing a low severity security update for KB4022218 oval:org.secpod.oval:def:46428 The host is missing a low severity security update for KB4022224 oval:org.secpod.oval:def:44950 An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerabil ... oval:org.secpod.oval:def:43489 The host is missing a critical security update 4011643 oval:org.secpod.oval:def:44597 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:43439 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43441 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43440 A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially crafted email messages. An attacker who successfully exploited the vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create ... oval:org.secpod.oval:def:43447 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43445 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43449 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43448 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43450 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43453 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43452 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43451 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43579 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:44665 The host is missing a security update 4011730 oval:org.secpod.oval:def:43582 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:44672 The host is missing a security update 4011695 oval:org.secpod.oval:def:43581 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43580 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:49071 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:47468 A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. To exploit the vulnerability, an attacker must entice the us ... oval:org.secpod.oval:def:47478 The host is missing an important security update 4032246 oval:org.secpod.oval:def:47477 The host is missing an important security update 4092447 oval:org.secpod.oval:def:47958 The host is missing an important security update for KB4461449 oval:org.secpod.oval:def:47960 The host is missing an important security update for KB4461457 oval:org.secpod.oval:def:47923 A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with ad ... oval:org.secpod.oval:def:50063 An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker who successfully exploited this vulnerability could read arbitrary files from a targeted system. To exploit the vulnerability, an attacker could craft a special document file and convinc ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:54666 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61830 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:55356 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:59851 A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specia ... oval:org.secpod.oval:def:50112 The host is missing an important security update for KB4461543 oval:org.secpod.oval:def:50115 The host is missing an important security update for KB4461594 oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:62492 A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the syst ... oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:63647 A security feature bypass vulnerability exists in Microsoft Outlook when Office fails to enforce security settings configured on a system. An attacker who successfully exploited this vulnerability could cause a system to load remote images. These images could disclose the IP address of the targeted ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:78035 Microsoft Office Word Tampering Vulnerability oval:org.secpod.oval:def:91839 Microsoft has released an update for Microsoft Office that provides enhanced security as a defense in depth measure. oval:org.secpod.oval:def:75335 The host is missing a critical security update for KB5002004 oval:org.secpod.oval:def:75282 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:31390 The host is installed with Microsoft Access 2007 SP3, Excel 2007 SP3, InfoPath 2007 SP3, OneNote 2007 SP3, PowerPoint 2007 SP3, Project 2007 SP3, Publisher 2007 SP3, Visio 2007 SP3, Word 2007 SP3, Office 2007 IME (Japanese) SP3, Access 2010 SP2, Excel 2010 SP2, InfoPath 2010 SP2, OneNote 2010 SP2, P ... oval:org.secpod.oval:def:36750 The host is missing a critical security update according to Microsoft security bulletin, MS16-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:36747 The host is installed with Microsoft Word 2013 or 2016 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fails to properly handle objects in memory. An attacker who successfully exploited the vulnerabilities could run arbitrary code in the context of the ... oval:org.secpod.oval:def:36841 The host is installed with Microsoft Office 2011 or 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:36838 The host is installed with Microsoft Office 2016 for Mac and is prone to a memory corruption vulnerability. A flaw is present in the application, which fails to handle objects in memory. Successful exploitation could allow attackers to run arbitrary code in the context of the current user. oval:org.secpod.oval:def:93095 The host is missing an important security update for KB5002497 oval:org.secpod.oval:def:87557 The host is missing a critical security update for KB5002323 oval:org.secpod.oval:def:87477 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:89704 Microsoft Word Security Feature Bypass Vulnerability oval:org.secpod.oval:def:89724 The host is missing an important security update for KB5002369 oval:org.secpod.oval:def:90902 The host is missing a security update 5002406 oval:org.secpod.oval:def:90774 Microsoft Office Security Feature Bypass Vulnerability. oval:org.secpod.oval:def:91850 The host is missing a critical security update for KB5002464 oval:org.secpod.oval:def:95825 The host is missing an important security update for KB5002520 oval:org.secpod.oval:def:95787 Microsoft Word Information Disclosure Vulnerability. oval:org.secpod.oval:def:79933 Microsoft Office Security Feature Bypass Vulnerability oval:org.secpod.oval:def:79989 The host is missing an important security update for KB5002184 oval:org.secpod.oval:def:77056 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:77109 The host is missing an important security update 5002057 oval:org.secpod.oval:def:71858 The host is missing an important security update 5001919 oval:org.secpod.oval:def:71803 Microsoft Office Graphics Remote Code Execution Vulnerability oval:org.secpod.oval:def:71036 The host is missing an important security update for KB4493198 oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68267 The host is missing an important security update for KB4493156 oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:66959 The host is missing an important security update for KB4486719 oval:org.secpod.oval:def:66907 The host is installed with Microsoft Office products and is prone to a security feature bypass vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow an attacker to cause unspecified impact. oval:org.secpod.oval:def:66036 A security feature bypass vulnerability exists in Microsoft Word software when it fails to properly handle .LNK files. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file cou ... oval:org.secpod.oval:def:66135 The host is missing an important security update for KB4486679 oval:org.secpod.oval:def:65534 The host is missing an important security update for KB4484510 oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64972 The host is missing an important security update for KB4484474 oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:40957 A remote code execution vulnerability exists in Microsoft Windows, Microsoft Word 2013 and Microsoft Word 2016 if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user.To exploit th ... oval:org.secpod.oval:def:73852 The host is missing an important security update for KB5001949 oval:org.secpod.oval:def:73730 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:98036 The host is missing an important security update for KB5002542 oval:org.secpod.oval:def:98009 Microsoft Word Remote Code Execution Vulnerability. oval:org.secpod.oval:def:98010 Microsoft Office Remote Code Execution Vulnerability. oval:org.secpod.oval:def:90894 Windows Search Remote Code Execution Vulnerability. In an email or instant message attack scenario, the attacker could send the targeted user a specially crafted file that is designed to exploit the remote code execution vulnerability. In any case an attacker would have no way to force a user to vie ... |