Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
zdiKdotZDI-20-1425
HistoryDec 11, 2020 - 12:00 a.m.

Microsoft Excel XLS File Parsing Integer Signedness Remote Code Execution Vulnerability

2020-12-1100:00:00
kdot
www.zerodayinitiative.com
19

0.01 Low

EPSS

Percentile

83.7%

JSON

This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. Crafted data in an XLS file can trigger a dereference of a user-supplied value as a pointer. An attacker can leverage this vulnerability to execute code in the context of the current process.

Related

mscve 1
prion 1
cve 1
openvas 7
mskb 7
cvelist 1
nvd 1
nessus 6
kaspersky 1
avleonov 1
rapid7blog 1
mscve
mscve
Microsoft Excel Remote Code Execution Vulnerability
2020-12-08 08:00:00
prion
prion
Remote code execution
2020-12-10 00:15:00
cve
cve
CVE-2020-17128
2020-12-10 00:15:15
openvas
openvas
Microsoft Office 2010 Service Pack 2 Remote Code Execution Vulnerability (KB4493140)
2020-12-09 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB4486757)
2020-12-09 00:00:00
Microsoft Office Multiple Vulnerabilities (Dec 2020) - Mac OS X
2020-12-09 00:00:00
mskb
mskb
Description of the security update for Office 2010: December 8, 2020
2020-12-08 08:00:00
Description of the security update for Office 2016: December 8, 2020
2020-12-08 08:00:00
Description of the security update for Excel 2013: December 8, 2020
2020-12-08 08:00:00
cvelist
cvelist
CVE-2020-17128 Microsoft Excel Remote Code Execution Vulnerability
2020-12-09 23:36:48
nvd
nvd
CVE-2020-17128
2020-12-10 00:15:15
nessus
nessus
Security Updates for Microsoft Office Products C2R (December 2020)
2022-06-10 00:00:00
Security Updates for Microsoft Office Products (December 2020)
2020-12-08 00:00:00
Security Updates for Microsoft Office (December 2020) (macOS)
2021-01-25 00:00:00
kaspersky
kaspersky
KLA12023 Multiple vulnerabilities in Microsoft Office
2020-12-08 00:00:00
avleonov
avleonov
Vulristics Vulnerability Score, Automated Data Collection and Microsoft Patch Tuesdays Q4 2020
2021-01-11 01:50:44
rapid7blog
rapid7blog
Patch Tuesday - December 2020
2020-12-08 21:36:27

0.01 Low

EPSS

Percentile

83.7%

JSON
Related for ZDI-20-1425
mscve1prion1cve1openvas7mskb7cvelist1nvd1nessus6kaspersky1avleonov1rapid7blog1