Wh1Tc

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Word (affected versions not specified) **Description** An out-of-bounds read allows an unauthorized attacker to disclose information locally. An out-of-bounds read occurs when an application reads data from a memory location outside the boundaries of the intended buffer. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft 365 Apps for Enterprise versions 16.0.1 through 16.0.1 **Description** A use-after-free issue in Microsoft Office Excel allows an unauthorized attacker to execute arbitrary code locally or remotely. This can be achieved by tricking a user into opening a malicious Excel file, which affects the system. **Recommendations** Update Microsoft 365 Apps for Enterprise to a version later than 16.0.1.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Excel (affected versions not specified) **Description** An out-of-bounds read issue exists in Microsoft Office Excel. This can allow an unauthorized attacker to execute code locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office (affected versions not specified) **Description** A use after free condition exists in Microsoft Office, potentially allowing an unauthorized attacker to execute code locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Word (affected versions not specified) **Description** An issue exists in Microsoft Office Word where an untrusted pointer dereference can allow an unauthorized attacker to execute code locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: An out-of-bounds read issue exists in Microsoft Office Excel. This allows an unauthorized attacker to execute code locally. The vulnerability enables remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office (affected versions not specified) Description: A free of memory issue not on the heap in Microsoft Office may allow an unauthorized attacker to execute code locally. The vulnerability allows remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: A heap-based buffer overflow exists in Microsoft Office Excel. This issue allows a remote attacker to execute arbitrary code on the affected system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: A use after free issue exists in Microsoft Office Excel. This allows an unauthorized attacker to execute code locally. The vulnerability enables remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Word (affected versions not specified) Description: A buffer over-read issue exists in Microsoft Office Word, potentially allowing a local attacker to disclose information. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: Access of a resource using an incompatible type ('type confusion') in Microsoft Office Excel allows an unauthorized attacker to execute code locally. The vulnerability allows remote attackers to execute arbitrary code and affect the system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Microsoft Office Excel (affected versions not specified) **Description:** A heap-based buffer overflow in Microsoft Office Excel allows an unauthorized attacker to execute code locally. The vulnerability enables remote attackers to execute arbitrary code and affect the system. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions:** Microsoft Office Excel (affected versions not specified) **Description:** A use-after-free vulnerability exists in Microsoft Office Excel. This allows an unauthorized attacker to execute code locally. The vulnerability enables remote attackers to execute arbitrary code and impact the system. **Recommendations:** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: The issue concerns an out-of-bounds read in Microsoft Office Excel, allowing an unauthorized attacker to disclose information locally. This means an attacker could potentially access sensitive data without proper authorization. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Word (affected versions not specified) Description: The issue is related to a use after free condition in Microsoft Office Word, which allows an unauthorized attacker to execute code locally. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Name of the Vulnerable Software and Affected Versions: Microsoft Office Excel (affected versions not specified) Description: The issue is related to a use after free condition in Microsoft Office Excel, which allows an unauthorized attacker to execute code locally. This could potentially lead to malicious activities on the affected system. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Excel (affected versions not specified) **Description** A heap-based buffer overflow issue in Microsoft Office Excel allows an unauthorized attacker to execute code locally. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Excel versions 2016 through 2024 Microsoft Office Excel version 365 **Description** The issue is an out-of-bounds read in Microsoft Office Excel, allowing an unauthorized attacker to execute code locally. This can enable remote attackers to execute arbitrary code and affect the system. The vulnerability exists due to the release of an invalid pointer or reference in Microsoft Excel. **Recommendations** For Microsoft Office Excel versions 2016 through 2024, apply the patch in the May 2025 update: KB5002695. For Microsoft Office Excel version 365, apply the patch in the May 2025 update: KB5002695. As a temporary workaround, consider restricting the use of Microsoft Excel until a patch is applied.

Name of the Vulnerable Software and Affected Versions: Azure Portal Windows Admin Center (affected versions not specified) Description: The issue allows an unauthorized attacker to disclose information locally due to external control of file name or path in Azure Portal Windows Admin Center. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Microsoft Office Word (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified) **Description** The issue is related to a use-after-free vulnerability in Microsoft Office Word, which can be exploited by an unauthorized attacker to execute code locally. This vulnerability allows remote attackers to execute arbitrary code and affect the system. **Recommendations** For Microsoft Office Word, update to the latest version that includes the security updates for Microsoft Office for Mac to be protected from this vulnerability. For Microsoft 365 Apps for Enterprise, ensure that the latest security updates are installed to mitigate the risk. As a temporary workaround, consider restricting access to vulnerable components of Microsoft Office Word until a patch is available.