CVE-2021-31941
Description
Microsoft Office Graphics Remote Code Execution Vulnerability
Risk Information
Base Score
7.7
MODERATE
Vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C
EPSS Score
Exploitation Probability
5.642
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5001950) 32-Bit Edition | Windows |
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Office 2016 (KB5001950) 64-Bit Edition | Windows |
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5001953) 64-Bit Edition | Windows |
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Office 2013 (KB5001953) 32-Bit Edition | Windows |
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Outlook 2013 (KB5001934) 64-Bit Edition | Windows |
| Microsoft Office Graphics Remote Code Execution Vulnerability for Microsoft Outlook 2013 (KB5001934) 32-Bit Edition | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 for x86 1808 of version(10375.20036) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 x64 1808 (Build:10375.20036) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Office 2019 for x64 1808 of version(10375.20036) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21668) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21668) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21668) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21668) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21668) (Online Installer) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20738) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20738) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20738) (Online Installer) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x64 2105 of version(14026.20270) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel for x86 2105 of version(14026.20270) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x64 2105 of version(14026.20270) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Business Current Channel for x86 2105 of version(14026.20270) | Windows |
| Microsoft Jet Red Database Engine and Access Connectivity Engine Remote Code Execution Vulnerability for Microsoft 365 Apps for Enterprise Current Channel Version 2105 (Build 14026.20270) (Online Installer) | Windows |
Patch Details
Click to see the patches provided by ManageEngine for this CVE
| Patch ID | Patch Description |
|---|---|
| PATCH-31594 | Security Update for Microsoft Office 2016 (KB5001950) 32-Bit Edition |
| PATCH-31595 | Security Update for Microsoft Office 2016 (KB5001950) 64-Bit Edition |
| PATCH-31592 | Security Update for Microsoft Office 2013 (KB5001953) 64-Bit Edition |
| PATCH-31593 | Security Update for Microsoft Office 2013 (KB5001953) 32-Bit Edition |
| PATCH-31588 | Security Update for Microsoft Outlook 2013 (KB5001934) 64-Bit Edition |
| PATCH-31589 | Security Update for Microsoft Outlook 2013 (KB5001934) 32-Bit Edition |
| PATCH-31621 | Update for Office 2019 for x86 1808 Volume License Version(10375.20036) |
| PATCH-31622 | Office 2016 Deployment Tool for Office 2019 x64 1808 (Build:10375.20036) |
| PATCH-31623 | Update for Office 2019 for x64 1808 Volume License Version(10375.20036) |
| PATCH-31625 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x64 2008 of version(13127.21668) |
| PATCH-31627 | Update for Microsoft 365 Apps for Enterprise Semi Annual Channel for x86 2008 of version(13127.21668) |
| PATCH-31629 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x64 2008 of version(13127.21668) |
| PATCH-31631 | Update for Microsoft 365 Apps for Business Semi Annual Channel for x86 2008 of version(13127.21668) |
| PATCH-31636 | Update for Microsoft 365 Apps for Enterprise Semi-Annual Channel Version 2008 (Build 13127.21668) (Online Installer) |
| PATCH-31633 | Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x64 2102 of version(13801.20738) |
| PATCH-31635 | Update for Microsoft 365 Apps for Enterprise Semi Annual Targeted Channel for x86 2102 of version(13801.20738) |
| PATCH-31637 | Update for Microsoft 365 Apps for Enterprise Targeted Channel Version 2102 (Build 13801.20738) (Online Installer) |
| PATCH-31613 | Update for Microsoft 365 Apps for Enterprise Current Channel for x64 2105 of version(14026.20270) |
| PATCH-31615 | Update for Microsoft 365 Apps for Enterprise Current Channel for x86 2105 of version(14026.20270) |
| PATCH-31617 | Update for Microsoft 365 Apps for Business Current Channel for x64 2105 of version(14026.20270) |
| PATCH-31619 | Update for Microsoft 365 Apps for Business Current Channel for x86 2105 of version(14026.20270) |
| PATCH-31638 | Update for Microsoft 365 Apps for Enterprise Current Channel Version 2105 (Build 14026.20270) (Online Installer) |
References
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234