Multiple vulnerabilities in Microsoft Office

Description

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft Excel can be exploited remotely to bypass security restrictions.
2. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
3. A security feature bypass vulnerability in Microsoft Office can be exploited remotely to bypass security restrictions.
4. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.

Original advisories

• CVE-2023-36037

• CVE-2023-36041
• CVE-2023-36413
• CVE-2023-36045
• CVE-2023-38177

Exploitation

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

• Microsoft-Office
• Microsoft-Excel
• Microsoft-SharePoint

CVE list

• CVE-2023-36037
  critical
• CVE-2023-36041
  critical
• CVE-2023-36413
  high
• CVE-2023-36045
  critical
• CVE-2023-38177
  high

KB list

• 5002521
• 5002517
• 5002527
• 5002518
• 5002526

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com