Download
| Alert*
oval:org.secpod.oval:def:46072
The host is missing a low security update for ADV180015 oval:org.secpod.oval:def:18566 Microsoft SharePoint Server 2013 SP1 is installed oval:org.secpod.oval:def:43510 The host is missing an important security update 4011653 oval:org.secpod.oval:def:43501 The host is missing a critical security update 4011579 oval:org.secpod.oval:def:43436 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:43437 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:42382 The host is missing an important security update KB4011068 oval:org.secpod.oval:def:44600 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:46358 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45390 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45393 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45038 The host is missing an important security update for KB4018342 oval:org.secpod.oval:def:46363 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47466 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47469 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47465 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:47479 The host is missing an important security update 4092470 oval:org.secpod.oval:def:46430 The host is missing an important security update for KB4022235 oval:org.secpod.oval:def:24113 The host is installed with Microsoft SharePoint Server 2013 or Microsoft SharePoint Foundation 2013 and is prone to a cross-site scripting vulnerability. A flaw is present in the applications, which fail to properly sanitize a specially crafted request. Successful exploitation allows attackers to pe ... oval:org.secpod.oval:def:24114 The host is missing an important security update according to Microsoft bulletin, MS15-036. The update is required to fix a cross-site scripting vulnerability. A flaw is present in the applications, which fail to properly sanitize a specially crafted request. Successful exploitation allows attackers ... oval:org.secpod.oval:def:43506 The host is missing an important security update 4011599 oval:org.secpod.oval:def:44951 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:44954 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted URL to a user of an affected SharePoin ... oval:org.secpod.oval:def:44960 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:54127 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42390 The host is missing an important security update KB4011180 oval:org.secpod.oval:def:50694 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:42048 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:45454 The host is missing an important security update for KB4018390 oval:org.secpod.oval:def:42107 The host is missing an important security update KB4011113 oval:org.secpod.oval:def:23796 The host is installed with Microsoft SharePoint Foundation 2013 Gold and SP1 or SharePoint Server 2013 Gold or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted request. Successful exploitation could allow attackers to exe ... oval:org.secpod.oval:def:23795 The host is installed with Microsoft SharePoint Foundation 2010 SP2, SharePoint Server 2010 SP2, SharePoint Foundation 2013 Gold and SP1 or SharePoint Server 2013 Gold or SP1 and is prone to a cross site scripting vulnerability. A flaw is present in the application, which fails to handle a crafted r ... oval:org.secpod.oval:def:43446 A cross-site-scripting (XSS) vulnerability exists when Microsoft Access does not properly sanitize inputs to image fields edited within Design view. An attacker could exploit the vulnerability by sending a specially crafted file to a victim, or by hosting the file on a web server. The attacker who s ... oval:org.secpod.oval:def:54213 The host is missing an important security update for KB4464511 oval:org.secpod.oval:def:44667 The host is missing a security update 4018298 oval:org.secpod.oval:def:50786 The host is missing a moderate severity security update for KB4462139 oval:org.secpod.oval:def:42371 A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42375 A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42373 A cross-site scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:42378 The host is missing an important security update KB4011170 oval:org.secpod.oval:def:23798 The host is installed with Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word 2013 Gold or SP1, Word 2013 RT Gold or SP1, Word Viewer, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 Gold or SP1, Web ... oval:org.secpod.oval:def:23797 The host is installed with Microsoft Office 2007 SP3, Excel 2007 SP3, PowerPoint 2007 SP3, Word 2007 SP3, Office 2010 SP2, Excel 2010 SP2, PowerPoint 2010 SP2, Word 2010 SP2, Office 2013 Gold or SP1, Word 2013 Gold or SP1, Office 2013 RT Gold or SP1, Word 2013 RT Gold or SP1, Excel Viewer, Office C ... oval:org.secpod.oval:def:23792 The host is missing a critical security update according to Microsoft security bulletin, MS15-022. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:50696 A spoofing vulnerability exists in Microsoft SharePoint when the application does not properly parse HTTP content. An attacker who successfully exploited this vulnerability could trick a user by redirecting the user to a specially crafted website. The specially crafted website could either spoof con ... oval:org.secpod.oval:def:55353 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:55451 The host is missing an important security update for KB4464597 oval:org.secpod.oval:def:20803 The host is missing a critical security update according to Microsoft bulletin, MS14-050. The update is required to fix elevation of privilege vulnerability. The flaw is present in the application, which fails to handle a specially crafted app that uses the SharePoint extensibility model to execute ... oval:org.secpod.oval:def:20804 The host is installed with Microsoft SharePoint Foundation 2013 or Microsoft SharePoint Server 2013 and is prone to a elevation of privilege vulnerability. The flaw is present in the application, which fails to handle a specially crafted app that uses the SharePoint extensibility model to execute ar ... oval:org.secpod.oval:def:44599 A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with a ... oval:org.secpod.oval:def:24307 The host is installed with Office 2010, 2013, Word 2010, 2013, Excel 2010, 2013, Powerpoint 2010,2013, Powerpoint Viewer, Sharepoint Server 2010, 2013, Foundation 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which ... oval:org.secpod.oval:def:24310 The host is missing an important security update according to Microsoft security bulletin, MS15-046. The update is required to fix multiple memory corruption vulnerabilities. The flaws are present in the applications, which fail to handle a crafted file. Successful exploitation could allow attackers ... oval:org.secpod.oval:def:42094 The host is missing an important security update KB3213560 oval:org.secpod.oval:def:24102 The host is installed with Microsoft Word 2007, 2010, 2013, Office Compatibility Pack 2007, Sharepoint Server 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle rich text format files. Successful exp ... oval:org.secpod.oval:def:24103 The host is missing a critical security update according to Microsoft security bulletin, MS15-033. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle rich text format files. Successful exploitation could allow attackers to use a sp ... oval:org.secpod.oval:def:24104 The host is installed with Microsoft Word 2007, 2010, Word Viewer, Office Compatibility Pack 2007, Sharepoint Server 2010 or Office Web Apps 2010 and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle crafted office files. Successful exploitation ... oval:org.secpod.oval:def:24105 The host is installed with Microsoft Word 2007, 2010, 2013, Office Compatibility Pack 2007, Sharepoint Server 2010, 2013, Office Web Apps 2010, 2013 or Word Viewer and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle crafted office files. Succe ... oval:org.secpod.oval:def:25366 The host is installed with Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel Services on SharePoint Server 2010 SP2, or Excel Services on SharePoint Server 2013 SP1 and is prone to a Microsoft Excel ASLR bypass vulnerability. A flaw is present in the applications, which fail to handle a crafted spread ... oval:org.secpod.oval:def:25360 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel Viewer 2007 SP3, Office Compatibility Pack SP3, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, and Excel Services on SharePoint Server 2013 SP1 and is prone to a me ... oval:org.secpod.oval:def:25359 The host is missing an important security update according to Microsoft security bulletin, MS15-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted office files. Successful exploitation could allow attackers to execute ... oval:org.secpod.oval:def:21879 The host is missing a critical security update according to Microsoft security bulletin, MS14-081. The update is required to fix a remote code execution vulnerability. A flaw is present in the applications, which fail to handle a specially crafted Microsoft Word file. Successful exploitation could a ... oval:org.secpod.oval:def:21880 The host is installed with Microsoft Word 2013, Office Web Apps 2010, Server 2013, Word Viewer, Sharepoint Server 2010 or 2013 and is prone to an use after free vulnerability. A flaw is present in the applications, which fail to handle a specially crafted Microsoft Word file. Successful exploitation ... oval:org.secpod.oval:def:33820 The host is installed with Microsoft Office Compatibility Pack SP3, SharePoint Server 2010, SharePoint Server 2013, Word 2007, Word 2010, Word 2013, Word Viewer, Web Apps 2010 or Web Apps 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to han ... oval:org.secpod.oval:def:47919 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:47920 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50060 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:50064 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:50114 The host is missing an important security update for KB4461591 oval:org.secpod.oval:def:18563 The host is missing a critical security update according to Microsoft bulletin, MS14-022. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly validate certain conditions. Successful exploitation allows attackers to run arbitrary c ... oval:org.secpod.oval:def:18571 The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft Office Web Apps Server 2013, SP1, Microsoft SharePoint Server 2013 or Microsoft SharePoint Foundation 2013 and is prone to elevation of privilege vulnerability. A flaw is present in the applications, which fail to pro ... oval:org.secpod.oval:def:18570 The host is installed with SharePoint Server 2013 Client Components SDK, Microsoft SharePoint Designer 2007 SP3, 2010 SP1, SP2, 2013, SP1, Microsoft Office Web Apps Server 2013, SP1, Microsoft Windows SharePoint Services 3.0 SP3, SharePoint Server 2007, 2010 SP1, SP2, 2013, Microsoft SharePoint Foun ... oval:org.secpod.oval:def:64212 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64335 The host is missing an important security update for KB4484443 oval:org.secpod.oval:def:39804 The host is missing an important security update KB3178724 oval:org.secpod.oval:def:49069 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:64322 The host is missing an important security update for KB4484348 oval:org.secpod.oval:def:64323 The host is missing a critical security update 4484353 oval:org.secpod.oval:def:57251 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:41229 The host is missing an important security update KB3213559 oval:org.secpod.oval:def:64209 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:49076 An information disclosure vulnerability exists when Microsoft SharePoint Server improperly discloses its folder structure when rendering specific web pages. An attacker who took advantage of this information disclosure could view the folder path of scripts loaded on the page. To take advantage of th ... oval:org.secpod.oval:def:64210 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62611 The host is missing an important security update for KB4484307 oval:org.secpod.oval:def:26546 The host is missing a critical security update according to Microsoft bulletin, MS15-099. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory or handle a specially crafted Office file. An attacker who succ ... oval:org.secpod.oval:def:49707 An information disclosure vulnerability exists where certain modes of the search function in Microsoft SharePoint Server are vulnerable to cross-site search attacks (a variant of cross-site request forgery, CSRF). When users are simultaneously logged in to Microsoft SharePoint Server and visit a mal ... oval:org.secpod.oval:def:62495 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61836 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:49722 The host is missing an important security update for KB4092472 oval:org.secpod.oval:def:61279 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:61277 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64200 A remote code execution vulnerability exists in PerformancePoint Services for SharePoint Server when the software fails to check the source markup of XML file input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the process responsible for deseri ... oval:org.secpod.oval:def:57353 The host is missing an important security update for KB4475522 oval:org.secpod.oval:def:49730 The host is missing an important security update for KB4461549 oval:org.secpod.oval:def:62498 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63640 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:63642 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted authentication request to an affected SharePoint server. An attacker who successfully exploited this vulnerability could execute malicious code on a vulnerable server in the ... oval:org.secpod.oval:def:63084 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:40522 The host is missing an important security update KB3191880 oval:org.secpod.oval:def:63649 An elevation of privilege vulnerability exists in Microsoft SharePoint. An attacker who successfully exploited this vulnerability could attempt to impersonate another user of the SharePoint server. To exploit this vulnerability, an authenticated attacker would send a specially crafted request to an ... oval:org.secpod.oval:def:40531 The host is missing an important security update KB3191913 oval:org.secpod.oval:def:63091 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:61342 The host is missing an important security update for KB4484264 oval:org.secpod.oval:def:62572 The host is missing a security update 4011584 oval:org.secpod.oval:def:39755 An elevation of privilege vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected Office Web Apps server. The attacker who successfully ... oval:org.secpod.oval:def:49129 The host is missing an important security update for KB4461483 oval:org.secpod.oval:def:63652 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:63778 The host is missing an important security update for KB4484405 oval:org.secpod.oval:def:30010 The host is installed with Microsoft SharePoint Server 2010, 2013, Foundation 2013, Office Web Apps 2010 or Web Apps Server 2013 and is prone to a XSS spoofing vulnerability. A flaw is present in the applications, which fail to properly sanitize a specially crafted request. Successful exploitation c ... oval:org.secpod.oval:def:30011 The host is installed with Sharepoint Server 2013 or Sharepoint Foundation 2013 and is prone to a security feature bypass vulnerability. A flaw is present in the applications, which fail to properly enforce the appropriate permission level for an application or user. Successful exploitation could al ... oval:org.secpod.oval:def:61928 The host is missing an important security update for KB4475606 oval:org.secpod.oval:def:61927 The host is missing an important security update for KB4484150 oval:org.secpod.oval:def:41019 The host is missing a moderate severity security update KB3203458 oval:org.secpod.oval:def:62509 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:62502 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:62501 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:41022 The host is missing an important security update KB3203384 oval:org.secpod.oval:def:41023 The host is missing a moderate severity security update KB3203430 oval:org.secpod.oval:def:63176 The host is missing an important security update for KB4484352 oval:org.secpod.oval:def:41020 The host is missing a moderate severity security update KB3203432 oval:org.secpod.oval:def:41021 The host is missing an important security update KB3203390 oval:org.secpod.oval:def:41024 The host is missing an important security update KB3172445 oval:org.secpod.oval:def:41025 The host is missing security update for KB3203387 oval:org.secpod.oval:def:62513 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:40512 The host is missing an important security update KB3162040 oval:org.secpod.oval:def:40517 The host is missing an important security update KB3191839 oval:org.secpod.oval:def:31394 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Automation Services on SharePoint Server 2010 SP2 and 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present i ... oval:org.secpod.oval:def:40981 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:40982 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:45035 The host is missing an important security update for KB4018343 oval:org.secpod.oval:def:45037 The host is missing an important security update for KB4011586 oval:org.secpod.oval:def:45032 The host is missing an important security update for KB4018341 oval:org.secpod.oval:def:44957 A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts. An attacker who successfully exploited this vulnerability could take control of the affected system. An attacker could then install programs; view, change, or delete d ... oval:org.secpod.oval:def:86117 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:86116 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:85448 The host is missing an important security update for KB5002235 oval:org.secpod.oval:def:85454 The host is missing an important security update for KB5002303 oval:org.secpod.oval:def:85453 The host is missing an important security update for KB5002302 oval:org.secpod.oval:def:83896 The host is missing an important security update for KB5002159 oval:org.secpod.oval:def:83866 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83867 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83901 The host is missing an important security update for KB5002264 oval:org.secpod.oval:def:83902 The host is missing an important security update for KB5002267 oval:org.secpod.oval:def:83864 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:83865 Microsoft SharePoint Remote Code Execution Vulnerability oval:org.secpod.oval:def:33823 The host is missing an important security update according to Microsoft security bulletin, MS16-042. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:30006 The host is missing an important security update according to Microsoft security bulletin, MS15-110. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to properly handle crafted Microsoft Office file. Successful exploi ... oval:org.secpod.oval:def:30007 The host is installed with Microsoft Excel 2010, 2013, 2016, Sharepoint Server 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow attackers to execute arbitrary co ... oval:org.secpod.oval:def:30009 The host is installed with Microsoft Excel 2007, 2010, 2013, 2016, Office Compatibility pack, Excel Viewer 2007, Sharepoint Server 2007, 2010 or 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to properly handle objects in memory. Successful ... oval:org.secpod.oval:def:32922 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer 2007, SharePoint Server 2007, SharePoint Server 2010, SharePoint Server 2013 or Web Apps 2010 and is prone to a memory corruption vulnerability. A flaw is pres ... oval:org.secpod.oval:def:31395 The host is installed with Microsoft Excel 2010 SP2, Excel 2013 SP1, Excel 2016 or Excel Services on SharePoint Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploitat ... oval:org.secpod.oval:def:31391 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer or Excel Services on SharePoint Server 2007 SP3, 2010 SP2 or 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is present in the applications, ... oval:org.secpod.oval:def:41219 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:37971 The host is missing an important security update according to Microsoft security bulletin, MS16-133. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle crafted data. Successful exploitation could allow attackers to execute arbitrar ... oval:org.secpod.oval:def:37966 The host is installed with Microsoft Word 2007, 2010, 2013, Microsoft Office Compatibility Pack, Microsoft SharePoint Server 2010, 2013, Microsoft Office Web Apps 2010 or Microsoft Office Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, w ... oval:org.secpod.oval:def:37959 The host is installed with Microsoft Word 2007, 2010, Office Compatibility Pack, Word Viewer, SharePoint Server 2013 or Office Web Apps 2010 and is prone to an information disclosure vulnerability. A flaw is present in the applications, which fail to handle an uninitialized variable. An attacker who ... oval:org.secpod.oval:def:39338 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:42051 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:35630 The host is missing a critical security update according to Microsoft security bulletin, MS16-070. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitr ... oval:org.secpod.oval:def:33267 The host is installed with Microsoft Word 2007, Word 2010, Word 2013, Word 2016, Office Compatibility Pack, Word Viewer, Web Apps 2010, Web Apps 2013, Sharepoint server 2010 or Sharepoint server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail ... oval:org.secpod.oval:def:32605 The host is installed with Microsoft SharePoint Foundation or Server 2013 and is prone to a security feature bypass vulnerability. The flaws are present in the Microsoft SharePoint when Access Control Policy (ACP), which fails to handle modification of webpart. Successful exploitation could allow re ... oval:org.secpod.oval:def:32607 The host is missing a critical security update according to Microsoft security bulletin, MS16-004. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful exploit ... oval:org.secpod.oval:def:32606 The host is installed with Microsoft SharePoint Foundation or Server 2013 and is prone to a security feature bypass vulnerability. The flaws are present in the Microsoft SharePoint when Access Control Policy (ACP), which fails to handle modification of webpart. Successful exploitation could allow re ... oval:org.secpod.oval:def:39346 The host is missing an important security update according to Microsoft security bulletin, MS17-002. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbi ... oval:org.secpod.oval:def:37447 The host is missing an important security update according to Microsoft security bulletin, MS16-121. The update is required to fix a memory corruption vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. Successful exploitation could allow attackers to execut ... oval:org.secpod.oval:def:37446 The host is installed with Microsoft Word 2007, 2010, 2013, 2016, Office compatibility pack, Word Viewer, Sharepoint Server 2010, 2013, Office Web Apps 2010 or 2013 and is prone to a remote code execution vulnerability. A flaw is present in the applications, which fail to handle crafted RTF files. S ... oval:org.secpod.oval:def:32921 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:32920 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:35635 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a ... oval:org.secpod.oval:def:32926 The host is missing a critical security update according to Microsoft security bulletin, MS16-015. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted office file. Successful exploitation allows attackers to corrupt ... oval:org.secpod.oval:def:35633 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2013 RT SP1, Office 2016, Word 2016, Office Compatibility Pack SP3, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, Office Web Apps 2010 SP2, Office ... oval:org.secpod.oval:def:32919 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, SharePoint Server 2013 or Web Apps Server 2013 and is prone to a memory corruption vulnerability. A flaw is present in the applications, which fail to handle objec ... oval:org.secpod.oval:def:45389 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:40469 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:45450 The host is missing an important security update for KB4018388 oval:org.secpod.oval:def:43444 An Office RTF remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle RTF files. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on wi ... oval:org.secpod.oval:def:40979 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:42369 A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administ ... oval:org.secpod.oval:def:33263 The host is missing an important security update according to Microsoft security bulletin, MS16-028. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to handle a specially crafted Microsoft Office file. An attacker who successfully exploit ... oval:org.secpod.oval:def:35961 The host is missing an important security update according to Microsoft bulletin, MS16-088. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle objects in memory. Successful exploitation could allow to execute arbitrary cod ... oval:org.secpod.oval:def:35958 The host is installed with Microsoft Word 2007 SP3, Word 2010 SP2, Word 2013 SP1, Word 2016, Office Compatibility Pack SP3, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, Word Automation Services on SharePoint Server 2013 SP1, SharePoint Server 2016, Office Web Apps 2010 SP2 or ... oval:org.secpod.oval:def:37077 The host is installed with Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office 2016, Word Viewer, Word Automation Services on SharePoint Server 2010 SP2, SharePoint Server 2013 SP1, Excel Automation Services on SharePoint Server 2013 SP1, Word Automation Services on SharePoint Server ... oval:org.secpod.oval:def:37073 The host is missing a critical security update according to Microsoft security bulletin, MS16-107. The update is required to fix multiple vulnerabilities. The flaws are present in the applications, which fail to properly handle a specially crafted Microsoft Office file. Successful exploitation could ... oval:org.secpod.oval:def:37078 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37084 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37082 The host is installed with Microsoft Excel 2007 SP3, Excel 2010 SP2, Excel 2013 SP1, Excel 2016, Office Compatibility Pack SP3, Excel Viewer, Excel Services on SharePoint Server 2007 SP3, Excel Services on SharePoint Server 2010 SP2, Excel Automation Services on SharePoint Server 2013 SP1 and is pro ... oval:org.secpod.oval:def:37080 The host is installed with Microsoft PowerPoint 2007 SP3, PowerPoint 2010 SP2, PowerPoint 2013 SP1, Office Compatibility Pack SP3, PowerPoint Viewer, SharePoint Server 2013 SP1, Office Web Apps 2010 SP2 or Office Web Apps Server 2013 SP1 and is prone to a memory corruption vulnerability. A flaw is p ... oval:org.secpod.oval:def:44597 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:44660 The host is missing a security update 4011688 oval:org.secpod.oval:def:47200 The host is missing an important security update for KB4022236 oval:org.secpod.oval:def:49712 A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with admi ... oval:org.secpod.oval:def:47196 The host is missing an important security update for KB4018392 oval:org.secpod.oval:def:47199 The host is missing an important security update for KB4022234 oval:org.secpod.oval:def:47124 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:50065 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:58906 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:58975 The host is missing an important security update for KB4462215 oval:org.secpod.oval:def:59702 The host is missing an important security update for KB4484151 oval:org.secpod.oval:def:50113 The host is missing an important security update for KB4461589 oval:org.secpod.oval:def:75331 The host is missing a critical security update 5001924 oval:org.secpod.oval:def:75330 The host is missing an important security update 4493202 oval:org.secpod.oval:def:75281 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:73212 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:73242 The host is missing a critical security update 5001954 oval:org.secpod.oval:def:73230 The host is missing a critical security update 4011698 oval:org.secpod.oval:def:73215 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77639 Microsoft SharePoint Server Spoofing Vulnerability. Microsoft SharePoint Server fails to handle a specially crafted functionality on a SharePoint page. Successful exploitation could allow an attacker to perform spoofing. oval:org.secpod.oval:def:77635 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:31365 The host is missing an important security update according to Microsoft security bulletin, MS15-116. The update is required to fix multiple remote code execution vulnerabilities. The flaws are present in the applications, which fail to handle specially crafted Microsoft Office file. Successful explo ... oval:org.secpod.oval:def:81573 The host is missing an important security update for KB5002062 oval:org.secpod.oval:def:81574 The host is missing an important security update for KB5002167 oval:org.secpod.oval:def:81504 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:81508 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81507 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81506 Microsoft Office Information Disclosure Vulnerability oval:org.secpod.oval:def:81505 Microsoft SharePoint Server Remote Code Execution Vulnerability oval:org.secpod.oval:def:77107 The host is missing a critical security update 5001995 oval:org.secpod.oval:def:77112 The host is missing a critical security update 5002102 oval:org.secpod.oval:def:76452 The host is missing an important security update for KB5002008 oval:org.secpod.oval:def:76397 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:75860 The host is missing an important security update 5002063 oval:org.secpod.oval:def:74329 The host is missing an important security update for KB4011600 oval:org.secpod.oval:def:74301 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73728 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73729 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:73859 The host is missing a moderate severity security update for KB5001984 oval:org.secpod.oval:def:71029 The host is missing an important security update for KB4493201 oval:org.secpod.oval:def:71030 The host is missing an important security update for KB4493170 oval:org.secpod.oval:def:70930 Microsoft SharePoint Denial of Service Update oval:org.secpod.oval:def:70924 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68260 The host is missing an important security update for KB4486736 oval:org.secpod.oval:def:68258 The host is missing an important security update for KB4486683 oval:org.secpod.oval:def:68259 The host is missing an important security update for KB4486724 oval:org.secpod.oval:def:68167 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:68168 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:68169 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:66961 The host is missing an important security update for KB4486723 oval:org.secpod.oval:def:66908 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66904 The host is installed with Microsoft SharePoint products and is prone to a spoofing vulnerability. A flaw is present in the application, which fails to handle unspecified vectors. Successful exploitation could allow a remote attacker to perform spoofing attacks. oval:org.secpod.oval:def:66137 The host is missing an important security update for KB4486687 oval:org.secpod.oval:def:65538 The host is missing an important security update for KB4484515 oval:org.secpod.oval:def:65388 A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren't properly protected from unsafe data input. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint server farm account ... oval:org.secpod.oval:def:65386 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65380 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65381 A remote code execution vulnerability exists in Microsoft SharePoint Server when it fails to properly identify and filter unsafe ASP.Net web controls. An authenticated attacker who successfully exploited the vulnerability could use a specially crafted page to perform actions in the security context ... oval:org.secpod.oval:def:65378 A tampering vulnerability exists when Microsoft SharePoint Server fails to properly handle profile data. An attacker who successfully exploited this vulnerability could modify a targeted user's profile data. To exploit the vulnerability, an attacker would need to be authenticated on an affected Shar ... oval:org.secpod.oval:def:65379 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:65537 The host is missing an important security update for KB4484514 oval:org.secpod.oval:def:65539 The host is missing an important security update for KB4484516 oval:org.secpod.oval:def:65373 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65527 The host is missing a critical security update for KB4484480 oval:org.secpod.oval:def:65367 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:65370 A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the SharePoint application pool and the SharePoint se ... oval:org.secpod.oval:def:64975 The host is missing an important security update for KB4484478 oval:org.secpod.oval:def:64917 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64918 A spoofing vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint server. The attacke ... oval:org.secpod.oval:def:64976 The host is missing an important security update for KB4484479 oval:org.secpod.oval:def:64925 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64926 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:64954 The host is missing an important security update for KB4484183 oval:org.secpod.oval:def:57244 An authentication bypass vulnerability exists in Windows Communication Foundation (WCF) and Windows Identity Foundation (WIF), allowing signing of SAML tokens with arbitrary symmetric keys. This vulnerability allows an attacker to impersonate another user, which can lead to elevation of privileges. ... oval:org.secpod.oval:def:40467 A remote code execution vulnerability exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. Th ... oval:org.secpod.oval:def:75282 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:75806 Microsoft Excel Remote Code Execution Vulnerability oval:org.secpod.oval:def:77054 Microsoft Office Remote Code Execution Vulnerability oval:org.secpod.oval:def:77633 Microsoft Office Remote Code Execution Vulnerability. Successfully exploitation allows an attacker to read uninitialized memory. oval:org.secpod.oval:def:61830 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:61835 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:62516 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64198 An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory. An attacker who successfully exploited the vulnerability could view out of bound memory. Exploitation of the vulnerab ... oval:org.secpod.oval:def:64204 An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special docume ... oval:org.secpod.oval:def:64205 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64206 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:64913 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:64921 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:64929 An information disclosure vulnerability exists when Microsoft Word improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special document ... oval:org.secpod.oval:def:65371 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... oval:org.secpod.oval:def:65372 An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory. An attacker who exploited the vulnerability could use the information to compromise the users computer or data. To exploit the vulnerability, an attacker could craft a special documen ... oval:org.secpod.oval:def:66032 A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administr ... oval:org.secpod.oval:def:47959 The host is missing an important security update for KB4461450 oval:org.secpod.oval:def:47924 An elevation of privilege vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint serv ... oval:org.secpod.oval:def:88928 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:88133 The host is missing an important security update for KB5002367 oval:org.secpod.oval:def:88034 Microsoft SharePoint Server Spoofing Vulnerability oval:org.secpod.oval:def:88124 The host is missing an important security update for KB5002168 oval:org.secpod.oval:def:87561 The host is missing a critical security update for KB5002346 oval:org.secpod.oval:def:87562 The host is missing a critical security update for KB5002347 oval:org.secpod.oval:def:87554 The host is missing a critical security update for KB5002312 oval:org.secpod.oval:def:87477 Microsoft Word Remote Code Execution Vulnerability oval:org.secpod.oval:def:87478 Microsoft SharePoint Server Elevation of Privilege Vulnerability oval:org.secpod.oval:def:57958 The host is missing an important security update for KB4475557 oval:org.secpod.oval:def:57865 A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server. An authenticated attacker could exploit the vulnerability by sending a specially crafted request to an affected SharePoint s ... oval:org.secpod.oval:def:57959 The host is missing a critical security update for KB4462137 oval:org.secpod.oval:def:57863 A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the fil ... |