Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges and spoof user interface.
Below is a complete list of vulnerabilities:
- Multiple vulnerabilities related to improper handling of objects in memory in Microsoft Office can be exploited via a specially designed file to execute arbitrary code;
- Multiple vulnerabilities related to incorrect handling of web requests in Microsoft Exchange Outlook Web Access can be exploited by sending a specially designed email message containing a malicious link to a user to execute arbitrary code;
- An improper sanitization of web requests in Microsoft SharePoint Server can be exploited via a specially designed web request to gain privileges;
- An open redirect vulnerability in Microsoft Exchange can be exploited by sending a link that has a specially designed URL and convincing a user to open it to spoof user interface.
Ursprüngliche Informationshinweise
- CVE-2017-8501
- CVE-2017-8502
- CVE-2017-8569
- CVE-2017-8570
- CVE-2017-0243
- CVE-2017-8501
- CVE-2017-8502
- CVE-2017-8570
CVE Liste
- CVE-2017-0243 critical
- CVE-2017-8501 critical
- CVE-2017-8502 critical
- CVE-2017-8570 critical
- CVE-2017-8569 critical
KB Liste
- 3213537
- 2880514
- 3191833
- 3191894
- 3191897
- 3191902
- 3191907
- 3203459
- 3203468
- 3203469
- 3203477
- 3212224
- 3213544
- 3213545
- 3213555
- 3213559
- 3213624
- 3213640
- 3213657
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!