Beschreibung
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information or execute arbitrary code.
Below is a complete list of vulnerabilities:
- An incorrect handling of requests in Microsoft SharePoint Server can be exploited remotely via a specially designed request to gain privileges;
- Multiple improper handling of objects in memory vulnerabilities in Microsoft Excel can be exploited locally via a specially designed document file to execute arbitrary code or obtain sensitive information;
- An incorrect handling of requests in Office Web Apps Server 2013 and Office Online Server can be exploited remotely via a specially designed request to gain privileges;
- An incorrect OLE objects instantiation in Microsoft Publisher can be exploited remotely via a specially designed request to gain privileges;
- An improper validation of attachment headers in Microsoft Outlook can be exploited remotely via a specially designed e-main message to gain privileges.
Ursprüngliche Informationshinweise
CVE Liste
- CVE-2018-8254 critical
- CVE-2018-8248 critical
- CVE-2018-8246 critical
- CVE-2018-8252 critical
- CVE-2018-8247 critical
- CVE-2018-8245 critical
- CVE-2018-8244 critical
KB Liste
- 4022209
- 4022197
- 3115248
- 4022182
- 4022179
- 4022205
- 4022190
- 4022199
- 3115197
- 4022196
- 4022174
- 4022173
- 4022160
- 4022151
- 4011186
- 4011026
- 4018387
- 4022210
- 4022169
- 4022177
- 4018391
- 4022183
- 4022191
- 4022203
Mehr erfahren
Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com
Sie haben einen Fehler in der Beschreibung der Schwachstelle gefunden? Mitteilen!