Access of resource using incompatible type ('type confusion') in Microsoft Office allows an unauthorized attacker to execute code locally.
2025-04-08T18:16:05.003
2025-07-09T16:58:09.990
Analyzed
CVSSv3.1: 7.8 (HIGH)
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | microsoft | 365_apps | - | Yes |
| Application | microsoft | office | 2016 | Yes |
| Application | microsoft | office | 2019 | Yes |
| Application | microsoft | office_long_term_servicing_channel | 2021 | Yes |
| Application | microsoft | office_long_term_servicing_channel | 2021 | Yes |
| Application | microsoft | office_long_term_servicing_channel | 2024 | Yes |
| Application | microsoft | office_long_term_servicing_channel | 2024 | Yes |