| The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them. |
|
 |
|
|
Computer vulnerabilities of Microsoft Access
Office: vulnerabilities of April 2018
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 13.
Creation date: 11/04/2018.
Identifiers: CERTFR-2018-AVI-179, CVE-2018-0920, CVE-2018-0950, CVE-2018-1005, CVE-2018-1007, CVE-2018-1011, CVE-2018-1014, CVE-2018-1026, CVE-2018-1027, CVE-2018-1028, CVE-2018-1029, CVE-2018-1030, CVE-2018-1032, CVE-2018-1034, VIGILANCE-VUL-25832, VU#974272, ZDI-18-292.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office: vulnerabilities of March 2018
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Microsoft OCS, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 14/03/2018.
Identifiers: CERTFR-2018-AVI-130, CVE-2018-0903, CVE-2018-0907, CVE-2018-0909, CVE-2018-0910, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0919, CVE-2018-0921, CVE-2018-0922, CVE-2018-0923, CVE-2018-0944, CVE-2018-0947, VIGILANCE-VUL-25541.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office: vulnerabilities of December 2017
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Microsoft OCS, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 13/12/2017.
Identifiers: CERTFR-2017-AVI-466, CVE-2017-11934, CVE-2017-11935, CVE-2017-11936, CVE-2017-11939, VIGILANCE-VUL-24756.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office: vulnerabilities of november 2017
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: CERTFR-2017-AVI-408, CVE-2017-11854, CVE-2017-11877, CVE-2017-11878, CVE-2017-11882, CVE-2017-11884, VIGILANCE-VUL-24438, VU#421280, ZDI-17-915, ZDI-17-929.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office: vulnerabilities of October 2017
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 11/10/2017.
Identifiers: CERTFR-2017-AVI-344, CVE-2017-11774, CVE-2017-11776, CVE-2017-11825, CVE-2017-11826, VIGILANCE-VUL-24091.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office/SharePoint: vulnerabilities of September 2017
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 13/09/2017.
Identifiers: CERTFR-2017-AVI-294, CERTFR-2017-AVI-297, CVE-2017-8567, CVE-2017-8629, CVE-2017-8630, CVE-2017-8631, CVE-2017-8632, CVE-2017-8676, CVE-2017-8682, CVE-2017-8695, CVE-2017-8696, CVE-2017-8725, CVE-2017-8742, CVE-2017-8743, CVE-2017-8744, CVE-2017-8745, VIGILANCE-VUL-23824, ZDI-17-727, ZDI-17-730, ZDI-17-732.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office/Outlook: vulnerabilities of August 2017
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/08/2017.
Identifiers: CERTFR-2017-AVI-260, CVE-2017-8571, CVE-2017-8572, CVE-2017-8663, VIGILANCE-VUL-23477.
Description of the vulnerability
An attacker can use several vulnerabilities of Microsoft products.
The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial) |
Microsoft: executing DLL code
Synthesis of the vulnerability
An attacker can create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Creation date: 30/06/2017.
Identifiers: VIGILANCE-VUL-23108.
Description of the vulnerability
The Microsoft product uses external shared libraries (DLL).
However, if the working directory contains a malicious DLL, it is automatically loaded.
An attacker can therefore create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office PowerPoint: three vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft Office PowerPoint.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 2/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 17/02/2017.
Identifiers: 3204068, 949, 950, 951, MS16-148, VIGILANCE-VUL-21874.
Description of the vulnerability
Several vulnerabilities were announced in Microsoft Office PowerPoint.
An attacker can generate a buffer overflow via MSO!Ordinal5429, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 949]
An attacker can generate a buffer overflow via MSO!Ordinal8038, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 950]
An attacker can generate a buffer overflow via GDI32!ConvertDxArray, in order to trigger a denial of service, and possibly to run code. [severity:2/4; 951]
Full Vigil@nce bulletin... (Free trial) |
Microsoft Office: multiple vulnerabilities
Synthesis of the vulnerability
An attacker can use several vulnerabilities of Microsoft Office.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 4/4.
Consequences: user access/rights, data reading, denial of service on service, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 16.
Creation date: 14/12/2016.
Identifiers: 3204068, CERTFR-2016-AVI-415, CVE-2016-7257, CVE-2016-7262, CVE-2016-7263, CVE-2016-7264, CVE-2016-7265, CVE-2016-7266, CVE-2016-7267, CVE-2016-7268, CVE-2016-7274, CVE-2016-7275, CVE-2016-7276, CVE-2016-7277, CVE-2016-7289, CVE-2016-7290, CVE-2016-7291, CVE-2016-7298-ERROR, CVE-2016-7300, MS16-148, VIGILANCE-VUL-21370.
Description of the vulnerability
Several vulnerabilities were announced in Microsoft Office.
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7263]
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7277]
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code. [severity:4/4; CVE-2016-7289]
An attacker can generate a memory corruption, in order to trigger a denial of service, and possibly to run code (VIGILANCE-VUL-21368). [severity:4/4; CVE-2016-7274, CVE-2016-7298-ERROR]
An attacker can use a vulnerability via OLE DLL, in order to run code. [severity:3/4; CVE-2016-7275]
An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-7267]
An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-7262]
An attacker can bypass security features, in order to escalate his privileges. [severity:2/4; CVE-2016-7266]
An attacker can bypass security features via GDI, in order to obtain sensitive information. [severity:2/4; CVE-2016-7257]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7264]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7265]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7268]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7276]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7290]
An attacker can bypass security features, in order to obtain sensitive information. [severity:2/4; CVE-2016-7291]
An attacker can bypass security features via MAU, in order to escalate his privileges. [severity:2/4; CVE-2016-7300]
Full Vigil@nce bulletin... (Free trial) |
Our database contains other pages. You can request a free trial to read them.
Display information about Microsoft Access:
|