Описание
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."
Ссылки
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:microsoft:office:2007:sp3:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_for_mac:2011:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_for_mac:2016:*:*:*:*:*:*:*
EPSS
Процентиль: 93%
0.11255
Средний
7.1 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-125
Связанные уязвимости
CVSS3: 7.1
github
около 3 лет назад
Microsoft Office 2007 SP3, Office 2010 SP2, Office 2013 SP1, Office for Mac 2011, and Office 2016 for Mac allow remote attackers to obtain sensitive information from process memory or cause a denial of service (out-of-bounds read) via a crafted document, aka "Microsoft Office Information Disclosure Vulnerability."
EPSS
Процентиль: 93%
0.11255
Средний
7.1 High
CVSS3
5.8 Medium
CVSS2
Дефекты
CWE-125