Lucene search
KdotZDI-21-575HistoryMay 13, 2021 - 12:00 a.m.
Microsoft Excel XLS File Parsing Use-After-Free Remote Code Execution Vulnerability
2021-05-1300:00:00
kdot
www.zerodayinitiative.com
32
microsoft excel
xls files
remote code execution
vulnerability
user interaction
parsing
object validation
EPSS
0.007
Percentile
81.1%
This vulnerability allows remote attackers to execute arbitrary code on affected installations of Microsoft Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
mskb
mskb
Description of the security update for Office 2013: May 11, 2021 (KB5001925)
2021-05-11 07:00:00
Description of the security update for Office 2016: May 11, 2021 (KB5001920)
2021-05-11 07:00:00
cve
cve
CVE-2021-31176
2021-05-11 19:15:09
nvd
nvd
CVE-2021-31176
2021-05-11 19:15:09
mscve
mscve
Microsoft Office Remote Code Execution Vulnerability
2021-05-11 07:00:00
openvas
openvas
Microsoft Office Remote Code Execution Vulnerability (KB5001925)
2021-05-12 00:00:00
Microsoft Office 2016 Remote Code Execution Vulnerability (KB5001920)
2021-05-13 00:00:00
prion
prion
Remote code execution
2021-05-11 19:15:00
cvelist
cvelist
CVE-2021-31176 Microsoft Office Remote Code Execution Vulnerability
2021-05-11 19:11:26
nessus
nessus
Security Updates for Microsoft Office Products (May 2021)
2021-05-11 00:00:00
Security Updates for Microsoft Office Products C2R (May 2021)
2022-06-10 00:00:00
kaspersky
kaspersky
KLA12175 Multiple vulnerabilities in Microsoft Office
2021-05-11 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - May 2021
2021-05-11 23:44:00
qualysblog
qualysblog