- Home
- CVEs with nessus.description==The Microsoft Office Compatibility Products are missing
security updates. It is, therefore, affected by multiple
vulnerabilities :
- An information disclosure vulnerability exists when
Office renders Rich Text Format (RTF) email messages
containing OLE objects when a message is opened or
previewed. This vulnerability could potentially result
in the disclosure of sensitive information to a
malicious site. (CVE-2018-0950)
- A remote code execution vulnerability exists in
Microsoft Excel software when the software fails to
properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run
arbitrary code in the context of the current user. If
the current user is logged on with administrative user
rights, an attacker could take control of the affected
system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full
user rights. (CVE-2018-1027, CVE-2018-1029)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top