Download
| Alert*
oval:org.secpod.oval:def:6370
Microsoft SharePoint Server 2010 SP1 is installed oval:org.secpod.oval:def:46072 The host is missing a low security update for ADV180015 oval:org.secpod.oval:def:43500 The host is missing an important security update 3114998 oval:org.secpod.oval:def:43436 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:42392 The host is missing an important security update KB3213623 oval:org.secpod.oval:def:42382 The host is missing an important security update KB4011068 oval:org.secpod.oval:def:45024 The host is missing an important security update for KB4011712 oval:org.secpod.oval:def:45390 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45393 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47469 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47465 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:44960 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:54127 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42394 The host is missing an important security update KB4011217 oval:org.secpod.oval:def:45447 The host is missing an important security update for KB4022145 oval:org.secpod.oval:def:10775 The host is installed with Microsoft Infopath 2010, SharePoint Server 2010, SharePoint Foundation 2010, Office Web Apps 2010 or Groove Server 2010 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which is caused by the way that HTML strings are sanitized. ... oval:org.secpod.oval:def:10776 The host is missing an important security update according to Microsoft bulletin, MS13-035. The update is required to fix elevation of privilege vulnerability. A flaw is present in the applications, which is caused by the way that HTML strings are sanitized. Successful exploitation allows attackers ... oval:org.secpod.oval:def:47482 The host is missing an important security update 4022207 oval:org.secpod.oval:def:23795 The host is installed with Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1 or SharePoint Server 2013 Gold or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted r ... oval:org.secpod.oval:def:54216 The host is missing an important security update for KB4464525 oval:org.secpod.oval:def:4144 The host is missing an important security update according to Microsoft security bulletin, MS12-011. The update is required to fix elevation of privilege or information disclosure vulnerabilities. The flaws are present due to improper handling of URL containing malicious JavaScript elements. Success ... oval:org.secpod.oval:def:4142 The host is installed with Microsoft SharePoint Server 2010 and SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present due to improper handling of URL containing malicious JavaScript elements. Successful exploitation could allow attackers to issue SharePoint ... oval:org.secpod.oval:def:4143 The host is installed with Microsoft SharePoint Server 2010 and SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present due to improper handling of URL containing malicious JavaScript elements. Successful exploitation could allow attackers to issue SharePoint ... oval:org.secpod.oval:def:45392 An information disclosure vulnerability exists in Outlook when a message is opened. This vulnerability could potentially result in the disclosure of sensitive information to a malicious site. To exploit the vulnerability, an attacker would have to send a malicious email to a user and convince the us ... oval:org.secpod.oval:def:45462 The host is missing an important security update for KB4022135 oval:org.secpod.oval:def:23798 The host is installed with Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold or SP1, Word 2013 RT Gold or SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold or SP1, Web ... oval:org.secpod.oval:def:23797 The host is installed with Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold or SP1, Word 2013 Gold or SP1, Office 2013 RT Gold or SP1, Word 2013 RT Gold or SP1, Excel Viewer, Office C ... oval:org.secpod.oval:def:23792 The host is missing a critical security update according to Microsoft security bulletin, MS15-022. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:24275 The host is installed with Microsoft Sharepoint Server 2007, 2010, Sharepoint Foundation 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle specially crafted page content. Successful exploitation could allow attackers to ex ... oval:org.secpod.oval:def:24276 The host is missing an important security update according to Microsoft security bulletin, MS15-047. The update is required to fix remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted page content. Successful exploitation could allo ... oval:org.secpod.oval:def:55353 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55447 The host is missing an important security update for KB4464571 oval:org.secpod.oval:def:44599 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:24307 The host is installed with Office 2010, 2013, Word 2010, 2013, Excel 2010, 2013, Powerpoint 2010,2013, Powerpoint Viewer, Sharepoint Server 2010, 2013, Foundation 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which ... oval:org.secpod.oval:def:24310 The host is missing an important security update according to Microsoft security bulletin, MS15-046. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:17401 The host is missing a critical security update according to Microsoft bulletin, MS14-017. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly allocate memory. Successful exploitation allows attackers to execute arbitrary code or c ... oval:org.secpod.oval:def:17400 The host is installed with Microsoft Word 2003 SP3, 2007 SP3, 2010 SP1, SP2, 2013, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP1, SP2, 2013, Office Web Apps 2010 SP1, SP2 or Office Web Apps Server 2013 and is prone to memory corruption vulnerabili ... oval:org.secpod.oval:def:24102 The host is installed with Microsoft Word 2007, 2010, 2013, Office Compatibility Pack 2007, Sharepoint Server 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle rich text format files. Successful exp ... oval:org.secpod.oval:def:24103 The host is missing a critical security update according to Microsoft security bulletin, MS15-033. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle rich text format files. Successful exploitation could allow attackers to use a sp ... oval:org.secpod.oval:def:24104 The host is installed with Microsoft Word 2007, 2010, Word Viewer, Office Compatibility Pack 2007, Sharepoint Server 2010 or Office Web Apps 2010 and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle crafted office files. Successful exploitation ... oval:org.secpod.oval:def:24105 The host is installed with Microsoft Word 2007, 2010, 2013, Office Compatibility Pack 2007, Sharepoint Server 2010, 2013, Office Web Apps 2010, 2013 or Word Viewer and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle crafted office files. Succe ... oval:org.secpod.oval:def:21370 The host is installed with Microsoft Office 2007, Word 2007, 2010, Office Compatibility Pack, Sharepoint Server 2010 or Office Web Apps 2010 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted word file. Successful exploitation ... oval:org.secpod.oval:def:21371 The host is missing an important security update according to Microsoft security bulletin, MS14-061. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a crafted word file. Successful exploitation could allow an attacker t ... oval:org.secpod.oval:def:25366 The host is installed with Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel Services on SharePoint Server 2010 SP2, or Excel Services on SharePoint Server 2013 SP1 and is prone to a Microsoft Excel ASLR bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted spread ... oval:org.secpod.oval:def:25360 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 and is prone to a me ... oval:org.secpod.oval:def:25359 The host is missing an important security update according to Microsoft security bulletin, MS15-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted office files. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:21879 The host is missing a critical security update according to Microsoft security bulletin, MS14-081. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted Microsoft Word file. Successful exploitation could a ... oval:org.secpod.oval:def:21880 The host is installed with Microsoft Word 2013, Office Web Apps 2010, Server 2013, Word Viewer, Sharepoint Server 2010 or 2013 and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle a specially crafted Microsoft Word file. Successful exploitation ... oval:org.secpod.oval:def:33820 The host is installed with Microsoft Office Compatibility Pack SP3, SharePoint Server 2010, SharePoint Server 2013, Word 2007, Word 2010, Word 2013, Word Viewer, Web Apps 2010 or Web Apps 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to han ... oval:org.secpod.oval:def:33821 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Office Compatibility Pack SP3, SharePoint Server 2007 or SharePoint Server 2010 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objects in memory. An attacker who succe ... oval:org.secpod.oval:def:18563 The host is missing a critical security update according to Microsoft bulletin, MS14-022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate certain conditions. Successful exploitation allows attackers to run arbitrary c ... oval:org.secpod.oval:def:18570 The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft SharePoint Designer 2007 SP3, 2010 SP1, SP2, 2013, SP1, Microsoft Office Web Apps Server 2013, SP1, Microsoft Windows SharePoint Services 3.0 SP3, SharePoint Server 2007, 2010 SP1, SP2, 2013, Microsoft SharePoint Foun ... oval:org.secpod.oval:def:64212 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:49737 The host is missing an important security update for KB4461569 oval:org.secpod.oval:def:49066 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:39809 The host is missing an important security update KB3191840 oval:org.secpod.oval:def:64342 The host is missing an important security update for KB4484460 oval:org.secpod.oval:def:64326 The host is missing an important security update for KB4484370 oval:org.secpod.oval:def:64209 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64210 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:41235 The host is missing an important security update KB3191902 oval:org.secpod.oval:def:62607 The host is missing an important security update for KB4484297 oval:org.secpod.oval:def:62604 The host is missing an important security update for KB4484293 oval:org.secpod.oval:def:39344 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:39340 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:2263 The host is installed with Microsoft SharePoint Server 2010 or 2010 SP1, or Microsoft SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present in the applications where Microsoft SharePoint does not properly handle malicious JavaScript elements contained withi ... oval:org.secpod.oval:def:2266 The host is installed with Microsoft Office SharePoint Server 2010 or SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present in the application which fails to properly validate user input. Successful exploitation allows remote attackers to disclose sensitive ... oval:org.secpod.oval:def:2268 The host is installed with Microsoft Office Web Apps 2010 or SP1 or Microsoft SharePoint Foundation 2010 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or Microsoft Groove Server 2010 or SP1 or Microsoft Office SharePoint Server 2010 or SP1 or Microsoft Office SharePoint Server 2007 SP ... oval:org.secpod.oval:def:61937 The host is missing an important security update for KB4475597 oval:org.secpod.oval:def:49142 The host is missing an important security update for KB4461520 oval:org.secpod.oval:def:2260 The host is missing an important security update according to Microsoft security bulletin, MS11-072. The update is required to fix multiple remote code execution vulnerabilities. Multiple flaws are present in the applications, which fail to properly handle different crafted excel files. Successful e ... oval:org.secpod.oval:def:15657 The host is installed with Microsoft Excel SP3, Office 2007 SP3, Office 2010 SP1/SP2, Office 2013, Excel Viewer 2007, Office Compatibility Pack SP3, Office Web Apps 2010,SharePoint Server 2007 SP3, SharePoint Server 2010 SP1/SP2, SharePoint Server 2013 and is prone to remote code execution vulnerabi ... oval:org.secpod.oval:def:49713 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:2270 The host is installed with Microsoft SharePoint Foundation 2010 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or Microsoft Windows SharePoint Services 2.0 or Microsoft Office SharePoint Server 2010 and prone to cross-site scripting vulnerability. A flaw is present in the applications w ... oval:org.secpod.oval:def:49723 The host is missing an important security update for KB4461465 oval:org.secpod.oval:def:2257 The host is installed with Microsoft Excel 2003 ,Microsoft Excel 2007 ,Microsoft Office 2007 , Microsoft Excel 2010, Microsoft Excel Viewer , Microsoft Office Compatibility Pack, Excel Services installed on Microsoft Office SharePoint Server 2007, Excel Services installed on Microsoft Office SharePo ... oval:org.secpod.oval:def:2258 Microsoft SharePoint Server 2010 is installed oval:org.secpod.oval:def:63640 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:15686 The host is installed with Microsoft Windows SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly sanitize the conte ... oval:org.secpod.oval:def:15683 The host is installed with Microsoft Office Web Apps 2010 SP1 or SharePoint Server 2010 SP1 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly properly handle objects in memory while parsing specially crafted Office files. Successful ex ... oval:org.secpod.oval:def:63642 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:15684 The host is installed with Microsoft Office Web Apps 2010 SP1 or SharePoint Server 2010 SP1 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly properly handle objects in memory while parsing specially crafted Office files. Successful ex ... oval:org.secpod.oval:def:63084 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:15687 The host is installed with Microsoft Windows 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, whic ... oval:org.secpod.oval:def:16534 The host is missing an important security update according to Microsoft bulletin, MS14-001. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory while parsing specially crafted Office ... oval:org.secpod.oval:def:15681 The host is installed with Microsoft Office Web Apps 2010 SP1, SP2 or SharePoint Server 2010 SP1 or SP2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly properly handle objects in memory while parsing specially crafted Office files. S ... oval:org.secpod.oval:def:15682 The host is installed with Microsoft Office Web Apps 2010 SP1 or SharePoint Server 2010 SP1 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly properly handle objects in memory while parsing specially crafted Office files. Successful ex ... oval:org.secpod.oval:def:15680 The host is installed with Microsoft Office Web Apps 2010 SP1 or SharePoint Server 2010 SP1 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly properly handle objects in memory while parsing specially crafted Office files. Successful ex ... oval:org.secpod.oval:def:16539 The host is installed with Microsoft Word 2003, 2007, 2010, 2013, Office WebApps 2010, 2013, SharePoint server 2010, 2013, Microsoft Office Compatibility or Word Viewer and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle objects i ... oval:org.secpod.oval:def:39755 An elevation of privilege vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully ... oval:org.secpod.oval:def:49121 The host is missing an important security update for KB4011190 oval:org.secpod.oval:def:15674 The host is missing a critical security update according to Microsoft bulletin, MS13-084. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:63653 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:15673 Microsoft SharePoint Server 2010 SP2 is installed oval:org.secpod.oval:def:15679 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, SharePoint Foundation 2013, SharePoint Server 2013 and is prone to denial of service vulnerability. A flaw is present in th ... oval:org.secpod.oval:def:15676 The host is installed with Microsoft SharePoint Server 2007 SP3 or before, SharePoint Foundation 2010 or Microsoft SharePoint Services 3.0 and is prone to remote code execution vulnerability. The flaw is present in the applications, which fail to properly properly handle objects in memory while pars ... oval:org.secpod.oval:def:30010 The host is installed with Microsoft SharePoint Server 2010, 2013, Foundation 2013, Office Web Apps 2010 or Web Apps Server 2013 and is prone to a XSS spoofing vulnerability. A flaw is present in the applications, which fail to properly sanitize a specially crafted request. Successful exploitation c ... oval:org.secpod.oval:def:30012 The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to an information disclosure vulnerability. A flaw present in the applications, which fail to properly parse the Document Type Definition (DTD) of an XML file. Successful exploitation could allow attackers to browse the ... oval:org.secpod.oval:def:63781 The host is missing an important security update for KB4484414 oval:org.secpod.oval:def:16213 The host is installed with Microsoft Windows SharePoint Server 2010 SP1/SP2 or SharePoint Server 2013 or Microsoft Office Web Apps Server 2013 and is prone to page content vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted page content. Successful explo ... oval:org.secpod.oval:def:7315 The host is missing a critical security update according to Microsoft security bulletin, MS12-064. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle crafted files. Successful exploitation could allow attacker ... oval:org.secpod.oval:def:16212 The host is missing a critical security update according to Microsoft bulletin, MS13-100. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted page content. Successful exploitation allows attackers to execute remote ... oval:org.secpod.oval:def:41019 The host is missing a moderate severity security update KB3203458 oval:org.secpod.oval:def:7313 The host is installed with Microsoft Word 2003 SP3, 2007 SP2, SP3, 2010 SP1; Word Viewer; Office Compatibility Pack SP2, SP3; Word Automation Services on Microsoft SharePoint Server 2010; or Office Web Apps 2010 SP1 and is prone to a use after free vulnerability. A flaw is present in the application ... oval:org.secpod.oval:def:7318 The host is installed with Microsoft Office Web Apps 2010, Microsoft SharePoint Foundation 2010 Service Pack 1, Microsoft Windows SharePoint Services 3.0 Service Pack 2, Microsoft Groove Server 2010 Service Pack 1, Microsoft SharePoint Server 2010 Service Pack 1, Microsoft SharePoint Server 2007 Se ... oval:org.secpod.oval:def:7319 The host is missing an important security update according to Microsoft security bulletin, MS12-066. The update is required to fix elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly validate the HTML strings. Successful exploitation allows attackers t ... oval:org.secpod.oval:def:62509 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:38347 The host is installed with Microsoft Word 2007, 2010, Office compatibility pack, Sharepoint Server 2010 or Web Apps Server 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly initializes affected variables. Successful exploitation cou ... oval:org.secpod.oval:def:38348 The host is installed with Microsoft Word 2007, 2010, Office compatibility pack, Sharepoint Server 2010 or Web Apps Server 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which improperly initializes affected variables. Successful exploitation cou ... oval:org.secpod.oval:def:38342 The host is installed with Microsoft Word 2007, 2010, Office Compatibility Pack, Word Viewer, Sharepoint Server 2010 or Office Web Apps 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to properly initialize affected variables. Successf ... oval:org.secpod.oval:def:8188 The host is installed with Microsoft Office word 2010, 2007, 2003, Office Web Apps 2010, Word Viewer, office Compatibility Pack 2010 or Sharepoint Server 2010 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly parse specially crafted RT ... oval:org.secpod.oval:def:8189 The host is missing a critical security update according to Microsoft bulletin, MS12-079. The update is required to fix remote code execution vulnerability. A flaw is present in the applications, which fail to properly parse specially crafted RTF-formatted data. Successful exploitation allows attack ... oval:org.secpod.oval:def:63179 The host is missing an important security update for KB4484383 oval:org.secpod.oval:def:40517 The host is missing an important security update KB3191839 oval:org.secpod.oval:def:41607 A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:41608 The host is missing an important security update KB2956077 oval:org.secpod.oval:def:55444 The host is missing an important security update for KB4461611 oval:org.secpod.oval:def:31394 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present i ... oval:org.secpod.oval:def:40982 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:45021 The host is missing an important security update for KB4018356 oval:org.secpod.oval:def:44957 A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete d ... oval:org.secpod.oval:def:33823 The host is missing an important security update according to Microsoft security bulletin, MS16-042. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:30006 The host is missing an important security update according to Microsoft security bulletin, MS15-110. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted Microsoft Office file. Successful exploi ... oval:org.secpod.oval:def:30007 The host is installed with Microsoft Excel 2010, 2013, 2016, Sharepoint Server 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:30009 The host is installed with Microsoft Excel 2007, 2010, 2013, 2016, Office Compatibility pack, Excel Viewer 2007, Sharepoint Server 2007, 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:32922 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer 2007, SharePoint Server 2007, SharePoint Server 2010, SharePoint Server 2013 or Web Apps 2010 and is prone to a memory corruption vulnerability. A flaw is pres ... oval:org.secpod.oval:def:31391 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer or Excel Services on SharePoint Server 2007 SP3, 2010 SP2 or 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, ... oval:org.secpod.oval:def:41219 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:37971 The host is missing an important security update according to Microsoft security bulletin, MS16-133. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:37968 The host is installed with Microsoft Excel 2010 or Microsoft SharePoint Server 2010 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrary code. oval:org.secpod.oval:def:37966 The host is installed with Microsoft Word 2007, 2010, 2013, Microsoft Office Compatibility Pack, Microsoft SharePoint Server 2010, 2013, Microsoft Office Web Apps 2010 or Microsoft Office Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, w ... oval:org.secpod.oval:def:39338 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:38338 The host is installed with Microsoft Excel 2007, 2010, 2013, 2016, Office Compatibility Pack, Excel Viewer 2007, Sharepoint Server 2007 or 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fails to properly initialize affected variables. Succe ... oval:org.secpod.oval:def:35630 The host is missing a critical security update according to Microsoft security bulletin, MS16-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:33267 The host is installed with Microsoft Word 2007, Word 2010, Word 2013, Word 2016, Office Compatibility Pack, Word Viewer, Web Apps 2010, Web Apps 2013, Sharepoint server 2010 or Sharepoint server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail ... oval:org.secpod.oval:def:34347 The host is installed with Microsoft Word 2010, Sharepoint Office 2010 or Office Web Apps 2010 and is prone to a Graphics RCE vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary code. oval:org.secpod.oval:def:34346 The host is installed with Microsoft Office 2007, 2010, Sharepoint Office 2010 or Office Web Apps 2010 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary c ... oval:org.secpod.oval:def:34344 The host is missing a critical security update according to Microsoft security bulletin, MS16-054. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:39346 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbi ... oval:org.secpod.oval:def:37447 The host is missing an important security update according to Microsoft security bulletin, MS16-121. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:37446 The host is installed with Microsoft Word 2007, 2010, 2013, 2016, Office compatibility pack, Word Viewer, Sharepoint Server 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. S ... oval:org.secpod.oval:def:35635 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a ... oval:org.secpod.oval:def:32926 The host is missing a critical security update according to Microsoft security bulletin, MS16-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted office file. Successful exploitation allows attackers to corrupt ... oval:org.secpod.oval:def:35633 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office ... oval:org.secpod.oval:def:45389 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:40469 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:43488 The host is missing a critical security update 4011609 oval:org.secpod.oval:def:43444 An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wi ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:42369 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:35961 The host is missing an important security update according to Microsoft bulletin, MS16-088. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary cod ... oval:org.secpod.oval:def:35957 The host is installed with Microsoft Word 2010 SP2, Word 2013 SP1, Word 2016, Word Automation Services on SharePoint Server 2010 SP2 or Office Web Apps 2010 SP2 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. ... oval:org.secpod.oval:def:35958 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, SharePoint Server 2016, Office Web Apps 2010 SP2 or ... oval:org.secpod.oval:def:35955 The host is installed with Microsoft Excel 2010 SP2, Powerpoint 2010 SP2, Word 2010 SP2, Excel 2013 SP1, Powerpoint 2013 SP1, Word 2013 SP1, Excel 2016, Word 2016, Word Automation Services on SharePoint Server 2010 SP2 or Office Web Apps 2010 SP2 and is prone to a memory corruption vulnerability. A ... oval:org.secpod.oval:def:37077 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server ... oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:37078 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37084 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37082 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:38336 The host is missing a critical security update according to Microsoft security bulletin, MS16-148. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fails to handle a specially crafted Microsoft Office file. Successful exploitation could allow a ... oval:org.secpod.oval:def:44597 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:44670 The host is missing a security update 4011705 oval:org.secpod.oval:def:47204 The host is missing an important security update for KB4032215 oval:org.secpod.oval:def:49075 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:49711 An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerabi ... oval:org.secpod.oval:def:47124 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:47923 A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with ad ... oval:org.secpod.oval:def:47949 The host is missing an important security update for KB4092481 oval:org.secpod.oval:def:50063 An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly. An attacker who successfully exploited this vulnerability could read arbitrary files from a targeted system. To exploit the vulnerability, an attacker could craft a special document file and convinc ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58906 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:58974 The host is missing an important security update for KB4462176 oval:org.secpod.oval:def:55356 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:59706 The host is missing an important security update for KB4484159 oval:org.secpod.oval:def:50120 The host is missing an important security update for KB4461612 oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:42055 A remote code execution vulnerability exists in Microsoft Office software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the f ... oval:org.secpod.oval:def:42110 The host is missing an important security update KB4011056 oval:org.secpod.oval:def:23489 The host is installed with Microsoft Word 2007, 2010, Word Viewer, Office Compatibility Pack, Office Web Apps 2010 SP2 or Sharepoint Server 2010 SP2 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted files. Successful exploitati ... oval:org.secpod.oval:def:15685 The host is installed with Microsoft Windows SharePoint Server 2007 SP3, SharePoint Server 2010 SP1, SP2, Office Web Apps 2010 SP1 or SP2 and is prone to remote code execution vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory while parsing speciall ... oval:org.secpod.oval:def:15677 The host is missing a critical security update according to Microsoft bulletin, MS13-067. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle certain vectors and improperly validates inputs. Successful exploitation allows a ... oval:org.secpod.oval:def:23487 The host is missing an important security update according to Microsoft security bulletin, MS15-012. The update is required to fix multiple vulnerabilities. The flaw are present in the applications, which fails to properly handle a crafted file. Successful exploitation could allow attackers to gain ... oval:org.secpod.oval:def:6037 The host is installed with Internet Explorer 8 and 9 or Microsoft Communicator 2007 R2 or Lync 2010 or Lync 2010 Attendee Microsoft InfoPath 2007 or 2010, Microsoft SharePoint Server 2007 or 2010, Microsoft SharePoint Foundation 2010, Microsoft SharePoint Services 3.0 or Microsoft Groove Server 2010 ... oval:org.secpod.oval:def:6378 The host is missing an important security update according to Microsoft bulletin, MS12-050. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted URLs. Successful exploitation results in elevation of privilege or information d ... oval:org.secpod.oval:def:6373 The host is installed with Microsoft SharePoint Server 2010 or SharePoint Foundation 2010 and is prone to cross-site scripting vulnerability. A flaw is present in the applications, which fail to properly handle malicious JavaScript elements contained within a specially crafted URL. Successful exploi ... oval:org.secpod.oval:def:6372 The host is installed with Microsoft SharePoint Server 2007 or 2010 and is prone to information disclosure vulnerability. A flaw is present in the application, which fails to properly validate search scope permissions. Successful exploitation allows attackers to view or tamper with other users' sear ... oval:org.secpod.oval:def:6371 The host is installed with Microsoft SharePoint Server 2010 or SharePoint Foundation 2010 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which fail to properly handle malicious JavaScript elements contained within a specially crafted URL. Successful expl ... oval:org.secpod.oval:def:2264 The host is installed with Microsoft Office SharePoint Server 2007 Service Pack 2 or Microsoft Office SharePoint Server 2010 or SP1 or Microsoft Windows SharePoint Services 3.0 Service Pack 2 or SharePoint Foundation 2010 or SP1 and is prone to information disclosure vulnerability. A flaw is presen ... oval:org.secpod.oval:def:2271 The host is missing an Important security update according to Microsoft security bulletin, MS11-074. The update is required to fix cross-site-scripting and information disclosure vulnerabilities. A flaw is present in the applications, which fails to properly validate inputs. Successful exploitation ... oval:org.secpod.oval:def:1201 The host is installed with Microsoft Internet Explorer and is prone information disclosure vulnerability. A flaw is present in the browser, which fails to handle a crafted Web page. Successful exploitation could allow remote attackers to execute arbitrary code or gain sensitive information. oval:org.secpod.oval:def:71037 The host is missing an important security update for KB4504701 oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68277 The host is missing an important security update for KB4493178 oval:org.secpod.oval:def:67721 The host is missing an important security update for KB4486697 oval:org.secpod.oval:def:67685 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:66955 The host is missing an important security update for KB4486706 oval:org.secpod.oval:def:66908 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66904 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66129 The host is missing an important security update for KB4484531 oval:org.secpod.oval:def:65550 The host is missing an important security update for KB4486664 oval:org.secpod.oval:def:65386 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65378 A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar ... oval:org.secpod.oval:def:65545 The host is missing an important security update for KB4484528 oval:org.secpod.oval:def:65370 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:64981 The host is missing an important security update for KB4484490 oval:org.secpod.oval:def:64918 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64919 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64985 The host is missing an important security update for KB4484498 oval:org.secpod.oval:def:64923 An information disclosure vulnerability exists when Microsoft SharePoint Server fails to properly handle objects in memory. An attacker who successfully exploited this vulnerability could obtain information to further compromise the users system. To exploit the vulnerability, an attacker would have ... oval:org.secpod.oval:def:64926 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64955 The host is missing an important security update for KB4484191 oval:org.secpod.oval:def:15688 The host is installed with Microsoft Windows SharePoint Services 2.0, 3.0 SP3, SharePoint Server 2007 SP3, SharePoint Foundation 2010 SP1, SP2, SharePoint Server 2010 SP1, SP2, Exchange Server 2007, Exchange Server 2010, or Exchange Server 2013 and is prone to remote code execution vulnerability. A ... oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64913 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:66032 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:57960 The host is missing a critical security update for KB4475530 oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... |