Microsoft Powerpoint Viewer vulnerabilities

10 known vulnerabilities affecting microsoft/powerpoint_viewer.

Total CVEs
10
CISA KEV
1
actively exploited
Public exploits
2
Exploited in wild
1
Severity breakdown
CRITICAL5HIGH4MEDIUM1

Vulnerabilities

Page 1 of 1
CVE-2018-8501HIGHCVSS 8.8v2012v2010 32-bit edition2018-10-10
CVE-2018-8501 [HIGH] CVE-2018-8501: A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint.
cvelistv5nvd
CVE-2018-8432HIGHCVSS 7.8v20072018-10-10
CVE-2018-8432 [HIGH] CVE-2018-8432: A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle ob A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows
nvd
CVE-2018-8427MEDIUMCVSS 5.5v20072018-10-10
CVE-2018-8427 [MEDIUM] CWE-200 CVE-2018-8427: An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle An information disclosure vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Information Disclosure Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Windows Server 2008, Microsoft PowerPoint Viewer, Microsoft Excel Viewer.
nvd
CVE-2017-8742HIGHCVSS 7.8v20102017-09-13
CVE-2017-8742 [HIGH] CWE-119 CVE-2017-8742: A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft A remote code execution vulnerability exists in Microsoft PowerPoint 2007 Service Pack 3, Microsoft PowerPoint 2010 Service Pack 2, Microsoft PowerPoint 2013 Service Pack 1, Microsoft PowerPoint 2013 RT Service Pack 1, Microsoft PowerPoint 2016, Microsoft PowerPoint Viewer 2007, Microsoft SharePoint Server 2013 Service Pack 1, Microsoft SharePoint Enterp
nvd
CVE-2013-3906HIGHCVSS 7.8KEVPoCv20102013-11-06
CVE-2013-3906 [HIGH] CWE-94 CVE-2013-3906: GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and GDI+ in Microsoft Windows Vista SP2 and Server 2008 SP2; Office 2003 SP3, 2007 SP3, and 2010 SP1 and SP2; Office Compatibility Pack SP3; and Lync 2010, 2010 Attendee, 2013, and Basic 2013 allows remote attackers to execute arbitrary code via a crafted TIFF image, as demonstrated by an image in a Word document, and exploited in the wild in October and Nov
nvd
CVE-2011-3413CRITICALCVSS 9.3v20072011-12-14
CVE-2011-3413 [CRITICAL] CWE-94 CVE-2011-3413: Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and P Microsoft PowerPoint 2007 SP2; Office 2008 for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; and PowerPoint Viewer 2007 SP2 allow remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via an invalid OfficeArt record in a PowerPoint document, aka "OfficeArt Shape RCE Vulnera
nvd
CVE-2011-0655CRITICALCVSS 9.3v20072011-04-13
CVE-2011-0655 [CRITICAL] CWE-20 CVE-2011-0655: Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Co Microsoft PowerPoint 2007 SP2 and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate TimeColorBehaviorContainer Floating Point records in PowerP
nvd
CVE-2011-0656CRITICALCVSS 9.3v20072011-04-13
CVE-2011-0656 [CRITICAL] CWE-20 CVE-2011-0656: Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Op Microsoft PowerPoint 2002 SP3, 2003 SP3, 2007 SP2, and 2010; Office 2004, 2008, and 2011 for Mac; Open XML File Format Converter for Mac; Office Compatibility Pack for Word, Excel, and PowerPoint 2007 File Formats SP2; PowerPoint Viewer; PowerPoint Viewer 2007 SP2; and PowerPoint Web App do not properly validate PersistDirectoryEntry records in Power
nvd
CVE-2010-2573CRITICALCVSS 9.3v20072010-11-10
CVE-2010-2573 [CRITICAL] CWE-189 CVE-2010-2573: Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2 Integer underflow in Microsoft PowerPoint 2002 SP3 and 2003 SP3, PowerPoint Viewer SP2, and Office 2004 for Mac allows remote attackers to execute arbitrary code via a crafted PowerPoint document, aka "PowerPoint Integer Underflow Causes Heap Corruption Vulnerability."
nvd
CVE-2008-3013CRITICALCVSS 9.3PoCv20032008-09-11
CVE-2008-3013 [CRITICAL] CWE-399 CVE-2008-3013: gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 an gdiplus.dll in GDI+ in Microsoft Internet Explorer 6 SP1, Windows XP SP2 and SP3, Server 2003 SP1 and SP2, Vista Gold and SP1, Server 2008, Office XP SP3, Office 2003 SP2 and SP3, 2007 Microsoft Office System Gold and SP1, Visio 2002 SP2, PowerPoint Viewer 2003, Works 8, Digital Image Suite 2006, SQL Server 2000 Reporting Services SP2, SQL Server 20
nvd