Skip to main content
CVE-2013-3205 CRITICAL POC THREAT Emergency

Microsoft Internet Explorer 6 through 8 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 81.2%.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD Exploit-DB
CVSS 2.0
9.3
EPSS
81.2%
Threat
5.8
CVE-2013-0810 HIGH POC THREAT Act Now

Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, and Windows Server 2008 SP2 allow remote attackers to execute arbitrary code via a crafted screensaver in a theme file,. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. Public exploit code available and EPSS exploitation probability 82.2%.

Code Injection Microsoft RCE Windows Server 2003 Windows Server 2008 +2
NVD Exploit-DB
CVSS 3.1
8.1
EPSS
82.2%
Threat
5.6
CVE-2013-1315 CRITICAL POC PATCH THREAT Act Now

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 73.7%.

Buffer Overflow Denial Of Service Microsoft RCE Excel +8
NVD
CVSS 2.0
9.3
EPSS
73.7%
Threat
5.6
CVE-2013-3157 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 73.5% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
73.5%
Threat
4.1
CVE-2013-1330 CRITICAL Emergency

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1% and no vendor patch available.

Microsoft RCE Sharepoint Foundation Sharepoint Portal Server Sharepoint Server +2
NVD
CVSS 2.0
10.0
EPSS
67.1%
Threat
4.0
CVE-2013-3858 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +4
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3857 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1 and SP2, Word Web App 2010 SP1 and SP2 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1 and SP2, Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Sharepoint Server +4
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3849 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +4
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3848 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Web Apps +4
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3847 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Sharepoint Foundation +7
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3155 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 58.0% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
58.0%
CVE-2013-0081 MEDIUM This Month

Microsoft SharePoint Portal Server 2003 SP3 and SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 do not properly process unassigned workflows, which allows remote attackers to cause a denial of. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 78.4% and no vendor patch available.

Denial Of Service Microsoft Sharepoint Foundation Sharepoint Portal Server Sharepoint Server +1
NVD
CVSS 2.0
5.0
EPSS
78.4%
CVE-2013-3870 CRITICAL POC THREAT Emergency

Double free vulnerability in Microsoft Outlook 2007 SP3 and 2010 SP1 and SP2 allows remote attackers to execute arbitrary code by including many nested S/MIME certificates in an e-mail message, aka. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 36.7%.

Microsoft RCE Outlook
NVD
CVSS 2.0
9.3
EPSS
36.7%
Threat
4.5
CVE-2013-3856 CRITICAL Emergency

Microsoft Word 2003 SP3 and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Word +1
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3855 CRITICAL Emergency

Microsoft Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +2
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3854 CRITICAL Emergency

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office +1
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3853 CRITICAL Emergency

Microsoft Office 2007 SP3 and Word 2007 SP3 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Word Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office +1
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3852 CRITICAL Emergency

Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +2
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3851 CRITICAL Emergency

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, Office Compatibility Pack SP3, and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +2
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3850 CRITICAL Emergency

Microsoft Word 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Word Viewer allow remote attackers to execute arbitrary code or cause a denial of service (memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Compatibility Pack +2
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3158 CRITICAL Emergency

Microsoft Excel 2003 SP3 and 2007 SP3 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Office document, aka "Microsoft Office Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Excel
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3156 CRITICAL Emergency

Microsoft Access 2007 SP3, 2010 SP1 and SP2, and 2013 in Microsoft Office allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted Access file,. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 53.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Access
NVD
CVSS 2.0
9.3
EPSS
53.2%
CVE-2013-3863 CRITICAL Emergency

Microsoft Windows XP SP2 and SP3 and Server 2003 SP2 allow remote attackers to execute arbitrary code via a crafted OLE object in a file, aka "OLE Property Vulnerability.". Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 52.2% and no vendor patch available.

Buffer Overflow Microsoft RCE Windows Xp Windows Server 2003
NVD
CVSS 2.0
9.3
EPSS
52.2%
CVE-2013-3203 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 42.3% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
42.3%
CVE-2013-3180 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1 and SP2 and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted POST request, aka "POST. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 62.1% and no vendor patch available.

Microsoft XSS Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
62.1%
CVE-2013-3845 CRITICAL Emergency

Microsoft Internet Explorer 8 and 9 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3208 CRITICAL Emergency

Microsoft Internet Explorer 8 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3207 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3206 CRITICAL Emergency

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 31.1% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
31.1%
CVE-2013-3209 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3204 CRITICAL Act Now

Microsoft Internet Explorer 7 through 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3202 CRITICAL Act Now

Microsoft Internet Explorer 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory Corruption. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3201 CRITICAL Act Now

Microsoft Internet Explorer 9 and 10 allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted web site, aka "Internet Explorer Memory. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 27.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Internet Explorer
NVD
CVSS 2.0
9.3
EPSS
27.2%
CVE-2013-3868 MEDIUM This Month

Microsoft Active Directory Lightweight Directory Service (AD LDS) on Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 and Active Directory Services on Windows. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 36.4% and no vendor patch available.

Denial Of Service Microsoft Active Directory Lightweight Directory Service Windows Server 2008 Windows 8 +3
NVD
CVSS 2.0
5.0
EPSS
36.4%
CVE-2013-3160 MEDIUM This Month

Microsoft Office 2003 SP3 and 2007 SP3, Word 2003 SP3 and 2007 SP3, and Word Viewer allow remote attackers to read arbitrary files via an XML document containing an external entity declaration in. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 27.6% and no vendor patch available.

Information Disclosure XXE Microsoft Office Word +1
NVD
CVSS 2.0
5.0
EPSS
27.6%
CVE-2013-3179 MEDIUM POC THREAT This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013 allows remote attackers to inject arbitrary web script or HTML via a crafted request, aka. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 10.6%.

Microsoft XSS Sharepoint Foundation Sharepoint Server Sharepoint Services
NVD Exploit-DB
CVSS 2.0
4.3
EPSS
10.6%
CVE-2013-3159 MEDIUM This Month

Microsoft Excel 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Excel Viewer; and Microsoft Office Compatibility Pack SP3 allow remote attackers to read arbitrary files via an XML document containing an. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 25.4% and no vendor patch available.

XXE Microsoft Excel
NVD
CVSS 2.0
4.3
EPSS
25.4%
CVE-2013-1342 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.8), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 3.1
7.8
EPSS
0.9%
CVE-2013-3865 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2013-3864 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2013-1344 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2013-1343 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
1.0%
CVE-2013-3866 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, Windows 8, Windows Server. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +5
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2013-1341 HIGH This Week

win32k.sys in the kernel-mode drivers in Microsoft Windows XP SP2 and SP3, Windows Server 2003 SP2, Windows Vista SP2, Windows Server 2008 SP2 and R2 SP1, Windows 7 SP1, and Windows 8 allows local. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow Microsoft Windows 2003 Server Windows 7 Windows 8 +3
NVD
CVSS 2.0
7.2
EPSS
0.7%
CVE-2013-3137 MEDIUM This Month

Microsoft FrontPage 2003 SP3 does not properly parse DTDs, which allows remote attackers to obtain sensitive information via crafted XML data in a FrontPage document, aka "XML Disclosure. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 13.7% and no vendor patch available.

Information Disclosure Microsoft Frontpage
NVD
CVSS 2.0
4.3
EPSS
13.7%
CVE-2013-3862 MEDIUM This Month

Double free vulnerability in Microsoft Windows 7 and Server 2008 R2 SP1 allows local users to gain privileges via a crafted service description that is not properly handled by services.exe in the. Rated medium severity (CVSS 6.9). No vendor patch available.

Information Disclosure Microsoft Windows 7 Windows Server 2008
NVD
CVSS 2.0
6.9
EPSS
0.5%
CVE-2013-3859 MEDIUM This Month

Microsoft Pinyin IME 2010, when used in conjunction with Microsoft Office 2010 SP1, does not properly restrict configuration options, which allows local users to gain privileges by starting Internet. Rated medium severity (CVSS 6.9). No vendor patch available.

Privilege Escalation Microsoft Office Pinyin Ime
NVD
CVSS 2.0
6.9
EPSS
0.5%

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy