Kaspersky ID:
KLA11551
Detect Date:
09/10/2019
Updated:
04/03/2025

Description

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, execute arbitrary code, bypass security restrictions, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka ‘Microsoft SharePoint Spoofing Vulnerability’. This CVE ID is unique from CVE-2019-1259.
  2. An elevation of privilege vulnerability exists in Microsoft SharePoint, aka ‘Microsoft SharePoint Elevation of Privilege Vulnerability’.
  3. A remote code execution vulnerability exists in Microsoft SharePoint when the software fails to check the source markup of an application package, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1295, CVE-2019-1296.
  4. A cross-site-scripting (XSS) vulnerability exists when Microsoft SharePoint Server does not properly sanitize a specially crafted web request to an affected SharePoint server, aka ‘Microsoft Office SharePoint XSS Vulnerability’.
  5. A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren’t properly protected from unsafe data input, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1257, CVE-2019-1296.
  6. A security feature bypass vulnerability exists when Microsoft Office improperly handles input, aka ‘Microsoft Office Security Feature Bypass Vulnerability’.
  7. A remote code execution vulnerability exists in Microsoft SharePoint where APIs aren’t properly protected from unsafe data input, aka ‘Microsoft SharePoint Remote Code Execution Vulnerability’. This CVE ID is unique from CVE-2019-1257, CVE-2019-1295.
  8. An information disclosure vulnerability exists in Lync 2013, aka ‘Lync 2013 Information Disclosure Vulnerability’.
  9. An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka ‘Microsoft Excel Information Disclosure Vulnerability’.
  10. A spoofing vulnerability exists in Microsoft SharePoint when it improperly handles requests to authorize applications, resulting in cross-site request forgery (CSRF).To exploit this vulnerability, an attacker would need to create a page specifically designed to cause a cross-site request, aka ‘Microsoft SharePoint Spoofing Vulnerability’. This CVE ID is unique from CVE-2019-1261.
  11. A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka ‘Microsoft Excel Remote Code Execution Vulnerability’.
  12. A remote code execution vulnerability in Jet Database Engine can be exploited remotely to execute arbitrary code.

Original advisories

Exploitation

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Related products

CVE list

  • CVE-2019-1261
    critical
  • CVE-2019-1260
    high
  • CVE-2019-1257
    critical
  • CVE-2019-1262
    high
  • CVE-2019-1246
    critical
  • CVE-2019-1295
    critical
  • CVE-2019-1264
    critical
  • CVE-2019-1296
    critical
  • CVE-2019-1209
    high
  • CVE-2019-1263
    high
  • CVE-2019-1259
    critical
  • CVE-2019-1297
    critical

KB list

Read more

Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com

Found an inaccuracy in the description of this vulnerability? Let us know!
Kaspersky Next
Let’s go Next: redefine your business’s cybersecurity
Learn more
New Kaspersky!
Your digital life deserves complete protection!
Learn more
Confirm changes?
Your message has been sent successfully.