Lucene search
HistoryNov 14, 2023 - 6:15 p.m.
CVE-2023-36045
cve-2023-36045
microsoft office
graphics
remote code execution
vulnerability
nvd
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.3%
Microsoft Office Graphics Remote Code Execution Vulnerability
Affected configurations
Node
microsoftmicrosoft_office_2019Match19.0.0
ORmicrosoft365_appsMatch16.0.1
ORmicrosoftmicrosoft_office_ltsc_for_mac_2021Range16.0.1–16.79.23111019
ORmicrosoftmicrosoft_office_ltsc_2021Match16.0.1
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | microsoft_office_2019 | 19.0.0 | cpe:2.3:a:microsoft:microsoft_office_2019:19.0.0:*:*:*:*:*:*:* |
| microsoft | 365_apps | 16.0.1 | cpe:2.3:a:microsoft:365_apps:16.0.1:*:*:*:*:*:*:* |
| microsoft | microsoft_office_ltsc_for_mac_2021 | * | cpe:2.3:a:microsoft:microsoft_office_ltsc_for_mac_2021:*:*:*:*:*:*:*:* |
| microsoft | microsoft_office_ltsc_2021 | 16.0.1 | cpe:2.3:a:microsoft:microsoft_office_ltsc_2021:16.0.1:*:*:*:*:*:*:* |
CNA Affected
[
{
"vendor": "Microsoft",
"product": "Microsoft Office 2019",
"cpes": [
"cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "19.0.0",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft 365 Apps for Enterprise",
"cpes": [
"cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*"
],
"platforms": [
"32-bit Systems",
"x64-based Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC for Mac 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:macos:*:*"
],
"platforms": [
"Unknown"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "16.79.23111019",
"versionType": "custom",
"status": "affected"
}
]
},
{
"vendor": "Microsoft",
"product": "Microsoft Office LTSC 2021",
"cpes": [
"cpe:2.3:a:microsoft:office_long_term_servicing_channel:2021:*:*:*:*:*:*:*"
],
"platforms": [
"x64-based Systems",
"32-bit Systems"
],
"versions": [
{
"version": "16.0.1",
"lessThan": "https://aka.ms/OfficeSecurityReleases",
"versionType": "custom",
"status": "affected"
}
]
}
]Related
mscve
mscve
Microsoft Office Graphics Remote Code Execution Vulnerability
2023-11-14 08:00:00
prion
prion
Remote code execution
2023-11-14 18:15:00
zdi
zdi
nvd
nvd
CVE-2023-36045
2023-11-14 18:15:35
cvelist
cvelist
CVE-2023-36045 Microsoft Office Graphics Remote Code Execution Vulnerability
2023-11-14 17:57:32
cnvd
cnvd
Microsoft Office Graphics Code Execution Vulnerability
2023-11-16 00:00:00
nessus
nessus
openvas
openvas
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2023)
2023-11-16 00:00:00
kaspersky
kaspersky
KLA61981 Multiple vulnerabilities in Microsoft Office
2023-11-14 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - November 2023
2023-11-14 21:27:09
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
7.8 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
45.3%
Related for CVE-2023-36045