Lucene search
Jaanus Kรครคp, Clarified SecurityZDI-22-383HistoryFeb 18, 2022 - 12:00 a.m.
Microsoft Office Excel XLS File Parsing Untrusted Pointer Dereference Information Disclosure Vulnerability
2022-02-1800:00:00
Jaanus Kรครคp, Clarified Security
www.zerodayinitiative.com
12
0.001 Low
EPSS
Percentile
25.4%
This vulnerability allows remote attackers to disclose sensitive information on affected installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of XLS files. The issue results from the lack of proper validation of a user-supplied value prior to dereferencing it as a pointer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the current process.
Related
prion
prion
Information disclosure
2022-02-09 17:15:00
openvas
openvas
Microsoft Excel 2016 RCE Vulnerability (KB5002137)
2022-02-09 00:00:00
Microsoft Excel 2013 RCE Vulnerability (KB5002156)
2022-02-09 00:00:00
Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Feb 2022)
2022-02-09 00:00:00
mscve
mscve
Microsoft Excel Information Disclosure Vulnerability
2022-02-08 08:00:00
nvd
nvd
CVE-2022-22716
2022-02-09 17:15:10
nessus
nessus
Security Updates for Microsoft Excel Products C2R (February 2022)
2022-06-10 00:00:00
Security Updates for Microsoft Excel Products (February 2022)
2022-02-08 00:00:00
Security Updates for Microsoft Office Web Apps (February 2022)
2022-02-08 00:00:00
cve
cve
CVE-2022-22716
2022-02-09 17:15:10
cvelist
cvelist
CVE-2022-22716 Microsoft Excel Information Disclosure Vulnerability
2022-02-09 16:37:06
mskb
mskb
kaspersky
kaspersky
KLA12454 Multiple vulnerabilities in Microsoft Office
2022-02-08 00:00:00
rapid7blog
rapid7blog
Patch Tuesday - February 2022
2022-02-08 20:43:40