Microsoft » Office : Security Vulnerabilities, CVEs, (XSS) CVSS score >= 2

CVE-2017-8550

A remote code execution vulnerability exists in Skype for Business when the software fails to sanitize specially crafted content, aka "Skype for Business Remote Code Execution Vulnerability".
Max CVSS
5.4
EPSS Score
27.22%
Published
2017-06-15
Updated
2019-03-19

CVE-2015-1639

Cross-site scripting (XSS) vulnerability in Microsoft Office for Mac 2011 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, aka "Microsoft Outlook App for Mac XSS Vulnerability."
Max CVSS
4.3
EPSS Score
4.39%
Published
2015-04-14
Updated
2018-10-12

CVE-2008-4020

Cross-site scripting (XSS) vulnerability in Microsoft Office XP SP3 allows remote attackers to inject arbitrary web script or HTML via a document that contains a "Content-Disposition: attachment" header and is accessed through a cdo: URL, which renders the content instead of raising a File Download dialog box, aka "Vulnerability in Content-Disposition Header Vulnerability."
Max CVSS
4.3
EPSS Score
18.82%
Published
2008-10-15
Updated
2018-10-12
3 vulnerabilities found
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!
Accept Close