Unsafe Command Line Parameter passing vulnerability in Internet Explorer and Microsoft Windows| ID: oval:org.secpod.oval:def:25823 | Date: (C)2015-08-13 (M)2024-03-06 |
| Class: VULNERABILITY | Family: windows |
The host is installed with Microsoft Excel 2007, 2010, 2013, Powerpoint 2007, 2010, 2013, Visio 2007, 2010, 2013, Word 2007, 2010, 2013, Internet Explorer 7, 8, 9, 10 or 11, Microsoft Windows Server 2008, 2008 R2, 2012, 2012 R2, Windows Vista, 7, 8, 8.1 or 10 and is prone to an unsafe command line parameter passing vulnerability. A flaw is present in the applications, which fails to properly handle unsafe command line parameter. Successful exploitation could allow attackers to execute arbitrary code in the context of the current user.
| Platform: |
| Microsoft Windows Server 2019 |
| Microsoft Windows Server 2016 |
| Microsoft Windows Vista |
| Microsoft Windows Server 2008 |
| Microsoft Windows 7 |
| Microsoft Windows Server 2008 R2 |
| Microsoft Windows 8 |
| Microsoft Windows Server 2003 |
| Microsoft Windows Server 2012 |
| Microsoft Windows 8.1 |
| Microsoft Windows 10 |
| Microsoft Windows Server 2012 R2 |
| Product: |
| Microsoft Internet Explorer 7 |
| Microsoft Internet Explorer 8 |
| Microsoft Internet Explorer 9 |
| Microsoft Internet Explorer 10 |
| Microsoft Internet Explorer 11 |
| Microsoft Excel 2007 |
| Microsoft Excel 2010 |
| Microsoft Excel 2013 |
| Microsoft PowerPoint 2007 |
| Microsoft PowerPoint 2010 |
| Microsoft PowerPoint 2013 |
| Microsoft Visio 2007 |
| Microsoft Visio 2010 |
| Microsoft Visio 2013 |
| Microsoft Word 2007 |
| Microsoft Word 2010 |
| Microsoft Word 2013 |
