Multiple vulnerabilities in Microsoft Office

Beschreibung

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
2. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
4. A remote code execution vulnerability in Microsoft Word can be exploited remotely to execute arbitrary code.
5. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
6. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
7. A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely to execute arbitrary code.
8. A spoofing vulnerability in Microsoft Office can be exploited remotely to spoof user interface.
9. An information disclosure vulnerability in Microsoft Office Graphics Component can be exploited remotely to execute arbitrary code.

Ursprüngliche Informationshinweise

• CVE-2021-38660

• CVE-2021-38654
• CVE-2021-38655
• CVE-2021-38656
• CVE-2021-38659
• CVE-2021-38653
• CVE-2021-38658
• CVE-2021-38651
• CVE-2021-38646
• CVE-2021-38652
• CVE-2021-38650
• CVE-2021-38657

Ausnutzung

Public exploits exist for this vulnerability.

Betroffene Produkte

• Microsoft-Office
• Microsoft-Excel
• Microsoft-Sharepoint-Server
• Microsoft-SharePoint

CVE Liste

• CVE-2021-38660
  critical
• CVE-2021-38654
  critical
• CVE-2021-38655
  critical
• CVE-2021-38656
  critical
• CVE-2021-38659
  critical
• CVE-2021-38653
  critical
• CVE-2021-38658
  critical
• CVE-2021-38651
  critical
• CVE-2021-38646
  critical
• CVE-2021-38652
  critical
• CVE-2021-38650
  critical
• CVE-2021-38657
  high

KB Liste

• 4484108
• 5001997
• 5002014
• 5002024
• 5002007
• 4484103
• 5002009
• 5002018
• 5002003
• 5002020
• 5001999
• 5002005
• 5001958

Mehr erfahren

Informieren Sie sich über die Statistiken der in Ihrer Region verbreiteten Sicherheitslücken statistics.securelist.com