Vulnerabilities > Microsoft > Powerpoint Viewer > 2010

DATE CVE VULNERABILITY TITLE RISK
2017-09-13 CVE-2017-8742 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Microsoft products
A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Web Apps 2010 Service Pack 2, and Microsoft Office Compatibility Pack Service Pack 3 when they fail to properly handle objects in memory, aka "PowerPoint Remote Code Execution Vulnerability".
local
low complexity
microsoft CWE-119
7.8
2013-11-06 CVE-2013-3906 Code Injection vulnerability in Microsoft products
GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and November 2013.
local
low complexity
microsoft CWE-94
7.8