Multiple vulnerabilities in Microsoft Office

Beschreibung

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
2. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
3. An information disclosure vulnerability in Skype for Android can be exploited remotely to obtain sensitive information.
4. A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
5. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted web to obtain sensitive information.
6. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted page to execute arbitrary code.
7. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
8. A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.

Ursprüngliche Informationshinweise

• CVE-2019-0958

• CVE-2019-0951
• CVE-2019-0932
• CVE-2019-0946
• CVE-2019-0956
• CVE-2019-0952
• CVE-2019-0963
• CVE-2019-0950
• CVE-2019-0953
• CVE-2019-0945
• CVE-2019-0957
• CVE-2019-0949
• CVE-2019-0947

Betroffene Produkte

• Microsoft-Word

CVE Liste

• CVE-2019-0958
  high
• CVE-2019-0951
  warning
• CVE-2019-0932
  warning
• CVE-2019-0946
  critical
• CVE-2019-0956
  warning
• CVE-2019-0952
  high
• CVE-2019-0963
  warning
• CVE-2019-0950
  warning
• CVE-2019-0953
  critical
• CVE-2019-0945
  critical
• CVE-2019-0957
  high
• CVE-2019-0949
  warning
• CVE-2019-0947
  critical

KB Liste

• 4464564
• 4464556
• 4464573
• 4464561
• 4464567
• 4464551
• 4464549
• 4464536
• 4462169

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com