Description
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to gain privileges.
- A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Office can be exploited remotely via specially crafted to execute arbitrary code.
Original advisories
- CVE-2019-0825
- CVE-2019-0831
- CVE-2019-0822
- CVE-2019-0823
- CVE-2019-0828
- CVE-2019-0801
- CVE-2019-0826
- CVE-2019-0827
- CVE-2019-0830
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2019-0824 high
- CVE-2019-0825 high
- CVE-2019-0831 warning
- CVE-2019-0822 critical
- CVE-2019-0823 high
- CVE-2019-0828 critical
- CVE-2019-0801 high
- CVE-2019-0826 high
- CVE-2019-0827 high
- CVE-2019-0830 warning
KB list
- 4462213
- 4462204
- 4464520
- 4464511
- 4464528
- 4464518
- 4464510
- 4464525
- 4462209
- 4462230
- 4462236
- 4462242
- 4464504
- 4462223
- 4464515
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!