Описание
Microsoft Excel Denial of Service Vulnerability
FAQ
How could an attacker exploit this vulnerability?
The attacker could exploit this vulnerability by convincing a victim to open a specially crafted XLSX file which when opened would cause a denial-of-service condition for other processes running on that machine.
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
According to the CVSS metric, the attack vector is network (AV:N). What does that mean for this vulnerability?
An attacker could trigger this vulnerability by convincing a victim to access a malicious file via a network connection or by downloading and opening the malicious file locally. In the worst case scenario, the malicious file could be triggered with a web request (AV:N). When multiple attack vectors can be used, we assign a score based on the scenario with the higher risk.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Office Web Apps Server 2013 Service Pack 1 | ||
| Microsoft Office Online Server |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
DOS
EPSS
6.5 Medium
CVSS3
Связанные уязвимости
Microsoft Excel Denial of Service Vulnerability
Уязвимость пакетов программ Microsoft Office, связанная с некорректной зачисткой или освобождением ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
EPSS
6.5 Medium
CVSS3