Skip to main content

Office Web Apps

100 CVEs product

Monthly

CVE-2013-3848 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Office Web Apps +4
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-3847 CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft RCE Sharepoint Foundation +7
NVD
CVSS 2.0
9.3
EPSS
64.2%
CVE-2013-1330 CRITICAL Emergency

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1% and no vendor patch available.

Microsoft RCE Sharepoint Foundation Sharepoint Portal Server Sharepoint Server +2
NVD
CVSS 2.0
10.0
EPSS
67.1%
Threat
4.0
CVE-2013-1315 CRITICAL POC PATCH THREAT Act Now

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 73.7%.

Buffer Overflow Denial Of Service Microsoft RCE Excel +8
NVD
CVSS 2.0
9.3
EPSS
73.7%
Threat
5.6
CVE-2013-1289 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.0% and no vendor patch available.

Microsoft XSS Groove Server Infopath Office Web Apps +2
NVD
CVSS 2.0
4.3
EPSS
45.0%
CVE-2012-2528 CRITICAL Emergency

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 56.9% and no vendor patch available.

Microsoft RCE Word Automation Services Office Compatibility Pack Office Web Apps +2
NVD
CVSS 2.0
9.3
EPSS
56.9%
CVE-2012-2520 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Microsoft XSS Groove Server Infopath Lync +5
NVD
CVSS 2.0
4.3
EPSS
24.2%
CVE-2012-1861 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 38.9% and no vendor patch available.

Microsoft XSS Office Web Apps Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
38.9%
CVE-2012-1860 MEDIUM This Month

Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Microsoft Office Web Apps Sharepoint Server
NVD
CVSS 2.0
5.5
EPSS
0.9%
CVE-2012-1859 MEDIUM This Month

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.3% and no vendor patch available.

Microsoft XSS Office Web Apps Sharepoint Foundation Sharepoint Server
NVD
CVSS 2.0
4.3
EPSS
41.3%
EPSS 64% CVSS 9.3
CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +6
NVD
EPSS 64% CVSS 9.3
CRITICAL Emergency

Microsoft Word Automation Services in SharePoint Server 2010 SP1, Word Web App 2010 SP1 in Office Web Apps 2010, Word 2003 SP3, Word 2007 SP3, Word 2010 SP1, Office Compatibility Pack SP3, and Word. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 64.2% and no vendor patch available.

Buffer Overflow Denial Of Service Microsoft +9
NVD
EPSS 67% 4.0 CVSS 10.0
CRITICAL Emergency

The default configuration of Microsoft SharePoint Portal Server 2003 SP3, SharePoint Server 2007 SP3 and 2010 SP1 and SP2, and Office Web Apps 2010 does not set the EnableViewStateMac attribute,. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. Epss exploitation probability 67.1% and no vendor patch available.

Microsoft RCE Sharepoint Foundation +4
NVD
EPSS 74% 5.6 CVSS 9.3
CRITICAL POC PATCH THREAT Act Now

Microsoft SharePoint Server 2007 SP3, 2010 SP1 and SP2, and 2013; Office Web Apps 2010; Excel 2003 SP3, 2007 SP3, 2010 SP1 and SP2, 2013, and 2013 RT; Office for Mac 2011; Excel Viewer; and Office. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Public exploit code available and EPSS exploitation probability 73.7%.

Buffer Overflow Denial Of Service Microsoft +10
NVD
EPSS 45% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 SP1, Groove Server 2010 SP1, SharePoint Foundation 2010 SP1, and Office Web Apps 2010 SP1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 45.0% and no vendor patch available.

Microsoft XSS Groove Server +4
NVD
EPSS 57% CVSS 9.3
CRITICAL Emergency

Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and SP3; Word Automation Services on Microsoft SharePoint Server. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. Epss exploitation probability 56.9% and no vendor patch available.

Microsoft RCE Word Automation Services +4
NVD
EPSS 24% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft InfoPath 2007 SP2 and SP3 and 2010 SP1, Communicator 2007 R2, Lync 2010 and 2010 Attendee, SharePoint Server 2007 SP2 and SP3 and 2010 SP1,. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 24.2% and no vendor patch available.

Microsoft XSS Groove Server +7
NVD
EPSS 39% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows remote attackers to. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 38.9% and no vendor patch available.

Microsoft XSS Office Web Apps +2
NVD
EPSS 1% CVSS 5.5
MEDIUM This Month

Microsoft Office SharePoint Server 2007 SP2 and SP3, SharePoint Server 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 do not properly check permissions for search scopes, which allows. Rated medium severity (CVSS 5.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Privilege Escalation Denial Of Service Microsoft +2
NVD
EPSS 41% CVSS 4.3
MEDIUM This Month

Cross-site scripting (XSS) vulnerability in scriptresx.ashx in Microsoft SharePoint Server 2010 Gold and SP1, SharePoint Foundation 2010 Gold and SP1, and Office Web Apps 2010 Gold and SP1 allows. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. Epss exploitation probability 41.3% and no vendor patch available.

Microsoft XSS Office Web Apps +2
NVD
Prev Page 2 of 2

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy