Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information and gain privileges.
Below is a complete list of vulnerabilities:
- Multiple vulnerabilities related to an improper handling of objects in memory in Microsoft Office can be exploited locally via a specially designed file to execute arbitrary code;
- An incorrect handling of objects in memory in Microsoft Graphics Component can be exploited remotely via a specially designed website to execute arbitrary code;
- An improper handling of embedded fonts in Win32k Graphics can be exploited remotely via a specially designed website to execute arbitrary code;
- Multiple vulnerabilities related to an incorrect handling of web requests in Microsoft SharePoint can be exploited remotely by sending a specially designed request to an affected server to gain privileges;
- An improper handing of objects in memory in Windows Graphics Device Interface (GDI) can be exploited locally by running a specially designed application on affected system to obtain sensitive information;
- An improper disclosure of content in memory in Windows Uniscribe can be exploited to obtain sensitive information.
Technical details
NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative.
Ursprüngliche Informationshinweise
- CVE-2017-8567
- CVE-2017-8632
- CVE-2017-8630
- CVE-2017-8631
- CVE-2017-8682
- CVE-2017-8744
- CVE-2017-8745
- CVE-2017-8742
- CVE-2017-8695
- CVE-2017-8696
- CVE-2017-8629
- CVE-2017-8725
- CVE-2017-8676
- CVE-2017-8743
- CVE-2017-8676
- CVE-2017-8682
- CVE-2017-8695
- CVE-2017-8696
- CVE-2017-8745
- CVE-2017-8744
- CVE-2017-8743
- CVE-2017-8742
- CVE-2017-8725
- CVE-2017-8632
- CVE-2017-8631
- CVE-2017-8630
- CVE-2017-8629
- CVE-2017-8567
CVE Liste
- CVE-2017-8676 critical
- CVE-2017-8682 critical
- CVE-2017-8695 critical
- CVE-2017-8696 critical
- CVE-2017-8745 critical
- CVE-2017-8744 critical
- CVE-2017-8743 critical
- CVE-2017-8742 critical
- CVE-2017-8725 critical
- CVE-2017-8632 critical
- CVE-2017-8631 critical
- CVE-2017-8630 critical
- CVE-2017-8629 critical
- CVE-2017-8567 critical
KB Liste
- 3213649
- 3213644
- 3213646
- 3213641
- 3213642
- 3213560
- 4025867
- 3213562
- 3213564
- 3191831
- 4011117
- 3128030
- 4025868
- 3213631
- 4025865
- 4025866
- 4011113
- 3213638
- 4011069
- 3141537
- 4011041
- 4011040
- 4011065
- 4011064
- 4011089
- 4011062
- 4011061
- 4011134
- 3213658
- 3213626
- 3203474
- 3213551
- 3212225
- 4011056
- 4011055
- 4011050
- 4011038
- 4011063
- 4011107
- 3128027
- 4025869
- 4011090
- 4011091
- 3114428
- 4011103
- 4011126
- 4011127
- 3213632
- 4011108
- 4011125
- 4011110
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!