VDB
CVE-2022-35742
CVE-2022-35742
PUBLISHED
CVSS 7.5 HIGH
De multiples vulnérabilités ont été corrigées dans <span class="textit">Microsoft Office</span>. Elles permettent à un attaquant de provoquer un déni de service, un contournement de la fonctionnalité de sécurité et une exécution de code à distance.
EPSS 6.95% · 91.6th percentile
Risk Scores
CVSS v3.1
7.5
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C
EPSS Score
6.95%
91.6th percentile
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Microsoft Outlook 2013 Service Pack 1 | 15.0.0.0 |
| Microsoft | Office | |
| microsoft | outlook | 2013, 15.0.0.0, 2016 |
| Microsoft | Microsoft Office 2019 | 19.0.0 |
| microsoft | 365_apps | 16.0.1 |
| Microsoft | Microsoft Outlook 2016 | 16.0.0.0 |
| microsoft | office_long_term_servicing_channel | 16.0.1, 2021 |
| Microsoft | Microsoft Office LTSC 2021 | 16.0.1 |
| Microsoft | Microsoft 365 Apps for Enterprise | 16.0.1 |
| microsoft | office | 2019, 19.0.0 |
Timeline
- Aug 9, 2022 CVE Published
- Jun 1, 2023 EPSS Score
- Jul 7, 2023 EPSS Score
- Sep 17, 2023 EPSS Score
- Oct 23, 2023 EPSS Score
- Jan 3, 2024 EPSS Score
- Feb 8, 2024 EPSS Score
- Mar 14, 2024 EPSS Score
- May 25, 2024 EPSS Score
- Jun 30, 2024 EPSS Score
- Sep 10, 2024 EPSS Score
- Oct 16, 2024 EPSS Score
References
- Microsoft Outlook Denial of Service Vulnerability vendor-advisory
- https://nvd.nist.gov/vuln/detail/CVE-2022-35742 advisory
- https://msrc.microsoft.com/update-guide/ advisory