Multiple vulnerabilities in Microsoft Office

Beschreibung

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information perform cross-site scripting and privilege escalations

Below is a complete list of vulnerabilities:

1. Multiple vulnerabilities related to an improper handling of objects in memory in Microsoft Office can be exploited locally via a specially designed file to execute arbitrary code;
2. Multiple vulnerabilities in Microsoft SharePoint can be exploited remotely via specially designed web request to perform cross-site scripting;
3. A vulnerability in Microsoft Outlook can be exploited via specially crafted document file to execute arbitrary code;
4. A vulnerability in Microsoft Outlook can be exploited remotely to obtain sensitive information;
5. A vulnerability in Skype for Business can be exploited remotely via specially designed authentication request to cause privilage escalation.

 

---

Technical details

NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative.

NB: At this moment VENDOR has just reserved CVE numbers for these vulnerabilities. Information can be changed soon.

 

Ursprüngliche Informationshinweise

• ADV170017

• CVE-2017-11776
• CVE-2017-11777
• CVE-2017-11774
• CVE-2017-11775
• CVE-2017-11786
• CVE-2017-11820
• CVE-2017-11826
• CVE-2017-11825
• CVE-2017-11775
• CVE-2017-11776
• CVE-2017-11777
• CVE-2017-11786
• CVE-2017-11820
• CVE-2017-11825
• CVE-2017-11826

Betroffene Produkte

• Microsoft-Access
• Microsoft-Lync
• Microsoft-Office-Access
• Microsoft-Office-PowerPoint
• Microsoft-Office-Visio
• Microsoft-Office
• Microsoft-Outlook
• Microsoft-Excel
• Microsoft-Word
• Microsoft-Sharepoint-Server

CVE Liste

KB Liste

• 2553338
• 3172524
• 3213623
• 3213630
• 3213647
• 3213648
• 3213659
• 4011068
• 4011159
• 4011162
• 4011170
• 4011178
• 4011179
• 4011180
• 4011185
• 4011194
• 4011196
• 4011217
• 4011222
• 4011231
• 4011232
• 4011236
• 2837599
• 2920723
• 3213627
• 3172531
• 4022208
• 4022206
• 4022172
• 4022176
• 4022188
• 4022189

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com