Microsoft Word Automation Services — known CVE vulnerabilities
Every CVE whose affected-product data names Microsoft Word Automation Services, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (11)
CVE-2012-2528 — CVSS 9.3 (critical): Use-after-free vulnerability in Microsoft Word 2003 SP3, 2007 SP2 and SP3, and 2010 SP1; Word Viewer; Office Compatibility Pack SP2 and…
CVE-2015-0064 — CVSS 9.3 (critical): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word Automation Services in SharePoint Server 2010, Web Applications 2010 SP2…
CVE-2019-0585 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft…
CVE-2017-8512 — CVSS 8.8 (high): A remote code execution vulnerability exists in Microsoft Office when the software fails to properly handle objects in memory, aka "Office…
CVE-2018-1028 — CVSS 8.8 (high): A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka…
CVE-2016-7290 — CVSS 7.1 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on…
CVE-2016-7291 — CVSS 7.1 (high): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Office Compatibility Pack SP3, Word for Mac 2011, Word Automation Services on…
CVE-2016-7233 — CVSS 6.5 (medium): Microsoft Word 2007, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Excel for Mac 2011, Word Viewer, Office Compatibility Pack SP3…
CVE-2017-0105 — CVSS 5.5 (medium): Microsoft Word 2007 SP3, Office 2010 SP2, Word 2010 SP2, Word for Mac 2011, Office Compatibility Pack SP3, Word Automation Services on…
CVE-2019-0561 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information…
CVE-2018-8378 — CVSS 5.5 (medium): An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable…