Description
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, spoof user interface.
Below is a complete list of vulnerabilities:
- An elevation of privilege vulnerability in Microsoft (MAU) Office can be exploited remotely to gain privileges.
- A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
- A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code.
- A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- An elevation of privilege vulnerability in OneDrive for Windows can be exploited remotely via specially crafted application to gain privileges.
Original advisories
- CVE-2020-0980
- CVE-2020-0961
- CVE-2020-0924
- CVE-2020-0925
- CVE-2020-0926
- CVE-2020-0927
- CVE-2020-0920
- CVE-2020-0923
- CVE-2020-0906
- CVE-2020-0929
- CVE-2020-0760
- CVE-2020-0991
- CVE-2020-0979
- CVE-2020-0978
- CVE-2020-0977
- CVE-2020-0976
- CVE-2020-0975
- CVE-2020-0974
- CVE-2020-0973
- CVE-2020-0972
- CVE-2020-0971
- CVE-2020-0954
- CVE-2020-0933
- CVE-2020-0932
- CVE-2020-0931
- CVE-2020-0930
- CVE-2020-0935
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Access
- Microsoft-Visio-2010
- Microsoft-Office
- Microsoft-Outlook
- Microsoft-Excel
- Microsoft-Word
- Microsoft-Windows
CVE list
- CVE-2020-0984 warning
- CVE-2020-0980 critical
- CVE-2020-0961 critical
- CVE-2020-0924 warning
- CVE-2020-0925 warning
- CVE-2020-0926 warning
- CVE-2020-0927 warning
- CVE-2020-0920 high
- CVE-2020-0923 warning
- CVE-2020-0906 critical
- CVE-2020-0929 high
- CVE-2020-0760 high
- CVE-2020-0991 critical
- CVE-2020-0979 critical
- CVE-2020-0978 warning
- CVE-2020-0977 warning
- CVE-2020-0976 warning
- CVE-2020-0975 warning
- CVE-2020-0974 high
- CVE-2020-0973 warning
- CVE-2020-0972 warning
- CVE-2020-0971 high
- CVE-2020-0954 warning
- CVE-2020-0933 warning
- CVE-2020-0932 high
- CVE-2020-0931 high
- CVE-2020-0930 warning
- CVE-2020-0935 warning
KB list
- 3203462
- 4484258
- 4475609
- 3162033
- 4011584
- 4484293
- 4484285
- 4484214
- 4484281
- 4484260
- 2553306
- 4484244
- 4484300
- 4484269
- 4484319
- 4484283
- 4484126
- 4032216
- 4484292
- 4484273
- 4484307
- 4484274
- 3128012
- 4484226
- 4464544
- 4462153
- 4484322
- 4484295
- 4484125
- 4484238
- 4484291
- 4484296
- 4484301
- 4484308
- 4484294
- 4484298
- 4484246
- 4484287
- 4484229
- 4011104
- 4462210
- 4484297
- 4484117
- 4484235
- 4484167
- 4484266
- 4462225
- 4484132
- 4011097
- 4484299
- 4464527
- 4484290
- 4011581
- 4484284
- 4484321
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!