This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.
An application installed on the remote Windows host is affected by
multiple remote code execution vulnerabilities.
The version of Microsoft Office installed on the remote Windows host
is affected by multiple remote code execution vulnerabilities due to
improper handling of objects in memory. A remote attacker can exploit
these issues by convincing a user to open a specially crafted file in
Microsoft Office, resulting in the execution of arbitrary code in the
context of the current user.
See also :
Microsoft has released a set of patches for Microsoft Office 2010;
Microsoft Word 2007, 2010, 2013, and 2013 RT; Microsoft Excel 2007,
2010, 2013, 2013 RT, and 2016; Word Viewer; Excel Viewer; SharePoint
Server 2007, 2010, and 2013; Microsoft Office Compatibility Pack; and
Office Web Apps 2010 and 2013.
Risk factor :
High / CVSS Base Score : 9.3
CVSS Temporal Score : 7.7
Public Exploit Available : true
Family: Windows : Microsoft Bulletins
Nessus Plugin ID: 90436 ()
Get Nessus Professional to scan unlimited IPs, run compliance checks & moreBuy Nessus Professional Now