The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of Microsoft OneNote

vulnerability announce CVE-2018-0920 CVE-2018-0950 CVE-2018-1005

Office: vulnerabilities of April 2018

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, data deletion, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 13.
Creation date: 11/04/2018.
Identifiers: CERTFR-2018-AVI-179, CVE-2018-0920, CVE-2018-0950, CVE-2018-1005, CVE-2018-1007, CVE-2018-1011, CVE-2018-1014, CVE-2018-1026, CVE-2018-1027, CVE-2018-1028, CVE-2018-1029, CVE-2018-1030, CVE-2018-1032, CVE-2018-1034, VIGILANCE-VUL-25832, VU#974272, ZDI-18-292.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2018-0903 CVE-2018-0907 CVE-2018-0909

Microsoft Office: vulnerabilities of March 2018

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Microsoft OCS, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 4/4.
Consequences: user access/rights, data reading, data creation/edition.
Provenance: document.
Number of vulnerabilities in this bulletin: 17.
Creation date: 14/03/2018.
Identifiers: CERTFR-2018-AVI-130, CVE-2018-0903, CVE-2018-0907, CVE-2018-0909, CVE-2018-0910, CVE-2018-0911, CVE-2018-0912, CVE-2018-0913, CVE-2018-0914, CVE-2018-0915, CVE-2018-0916, CVE-2018-0917, CVE-2018-0919, CVE-2018-0921, CVE-2018-0922, CVE-2018-0923, CVE-2018-0944, CVE-2018-0947, VIGILANCE-VUL-25541.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability alert CVE-2017-11934 CVE-2017-11935 CVE-2017-11936

Microsoft Office: vulnerabilities of December 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Microsoft OCS, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 13/12/2017.
Identifiers: CERTFR-2017-AVI-466, CVE-2017-11934, CVE-2017-11935, CVE-2017-11936, CVE-2017-11939, VIGILANCE-VUL-24756.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-11854 CVE-2017-11877 CVE-2017-11878

Microsoft Office: vulnerabilities of november 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 5.
Creation date: 15/11/2017.
Identifiers: CERTFR-2017-AVI-408, CVE-2017-11854, CVE-2017-11877, CVE-2017-11878, CVE-2017-11882, CVE-2017-11884, VIGILANCE-VUL-24438, VU#421280, ZDI-17-915, ZDI-17-929.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2017-11774 CVE-2017-11776 CVE-2017-11825

Microsoft Office: vulnerabilities of October 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 4.
Creation date: 11/10/2017.
Identifiers: CERTFR-2017-AVI-344, CVE-2017-11774, CVE-2017-11776, CVE-2017-11825, CVE-2017-11826, VIGILANCE-VUL-24091.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

vulnerability note CVE-2017-8567 CVE-2017-8629 CVE-2017-8630

Microsoft Office/SharePoint: vulnerabilities of September 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, MOSS, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading, data creation/edition, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 14.
Creation date: 13/09/2017.
Identifiers: CERTFR-2017-AVI-294, CERTFR-2017-AVI-297, CVE-2017-8567, CVE-2017-8629, CVE-2017-8630, CVE-2017-8631, CVE-2017-8632, CVE-2017-8676, CVE-2017-8682, CVE-2017-8695, CVE-2017-8696, CVE-2017-8725, CVE-2017-8742, CVE-2017-8743, CVE-2017-8744, CVE-2017-8745, VIGILANCE-VUL-23824, ZDI-17-727, ZDI-17-730, ZDI-17-732.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability announce CVE-2017-8571 CVE-2017-8572 CVE-2017-8663

Microsoft Office/Outlook: vulnerabilities of August 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word.
Severity: 3/4.
Consequences: user access/rights, data reading.
Provenance: document.
Number of vulnerabilities in this bulletin: 3.
Creation date: 09/08/2017.
Identifiers: CERTFR-2017-AVI-260, CVE-2017-8571, CVE-2017-8572, CVE-2017-8663, VIGILANCE-VUL-23477.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin 23108

Microsoft: executing DLL code

Synthesis of the vulnerability

An attacker can create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.
Impacted products: Office, Access, Office Communicator, Excel, OneNote, Outlook, PowerPoint, Project, Publisher, Visio, Word, SQL Server, Visual Studio.
Severity: 2/4.
Consequences: user access/rights.
Provenance: intranet server.
Creation date: 30/06/2017.
Identifiers: VIGILANCE-VUL-23108.

Description of the vulnerability

The Microsoft product uses external shared libraries (DLL).

However, if the working directory contains a malicious DLL, it is automatically loaded.

An attacker can therefore create a malicious DLL, and then put it in the current directory of a Microsoft application, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability CVE-2017-8506 CVE-2017-8507 CVE-2017-8508

Microsoft Office: vulnerabilities of June 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft Office.
Impacted products: Office, Excel, OneNote, Outlook, PowerPoint, MOSS, Word.
Severity: 4/4.
Consequences: client access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 10.
Creation date: 14/06/2017.
Identifiers: CERTFR-2017-AVI-177, CVE-2017-8506, CVE-2017-8507, CVE-2017-8508, CVE-2017-8509, CVE-2017-8510, CVE-2017-8511, CVE-2017-8512, CVE-2017-8513, CVE-2017-8514, CVE-2017-8545, VIGILANCE-VUL-22965.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)

computer vulnerability bulletin CVE-2017-0106 CVE-2017-0194 CVE-2017-0195

Microsoft Office: vulnerabilities of April 2017

Synthesis of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.
Impacted products: Office, Excel, OneNote, Outlook.
Severity: 3/4.
Consequences: user access/rights, denial of service on client.
Provenance: document.
Number of vulnerabilities in this bulletin: 6.
Creation date: 12/04/2017.
Identifiers: CERTFR-2017-AVI-108, CVE-2017-0106, CVE-2017-0194, CVE-2017-0195, CVE-2017-0197, CVE-2017-0204, CVE-2017-0207, VIGILANCE-VUL-22418.

Description of the vulnerability

An attacker can use several vulnerabilities of Microsoft products.

The document located in information sources was generated by Vigil@nce from the Microsoft database. It contains details for each product.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about Microsoft OneNote: