Description
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, spoof user interface, execute arbitrary code.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted file to obtain sensitive information.
- A security feature bypass vulnerability in Microsoft Office ClickToRun can be exploited remotely via specially crafted file to bypass security restrictions.
- A spoofing vulnerability in Microsoft Office Online can be exploited remotely via specially crafted request to spoof user interface.
- An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- Unspecified Microsoft Office can be exploited remotely via specially crafted file to bypass security restrictions.
- An information disclosure vulnerability in Microsoft Office can be exploited remotely via specially crafted application to obtain sensitive information.
- A security feature bypass vulnerability in Microsoft Office can be exploited remotely via specially crafted file to bypass security restrictions.
Original advisories
- CVE-2019-1449
- CVE-2019-1447
- CVE-2019-1446
- CVE-2019-1445
- CVE-2019-1448
- CVE-2019-1457
- CVE-2019-1402
- CVE-2019-1442
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
CVE list
- CVE-2019-1443 warning
- CVE-2019-1449 critical
- CVE-2019-1447 high
- CVE-2019-1446 warning
- CVE-2019-1445 high
- CVE-2019-1448 critical
- CVE-2019-1457 high
- CVE-2019-1402 warning
- CVE-2019-1442 warning
KB list
- 4484142
- 4484148
- 4484159
- 4484119
- 4484143
- 4484164
- 4484160
- 4484113
- 4484149
- 4484151
- 4484144
- 4484127
- 4484141
- 4484158
- 4484157
- 4484165
- 4484152
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!