Description
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Microsoft Outlook can be exploited remotely to obtain sensitive information.
- A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Microsoft Word can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code.
- A memory corruption vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Access can be exploited remotely via specially crafted file to execute arbitrary code.
- An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Microsoft Office Click-to-Run can be exploited remotely via specially crafted application to gain privileges.
Fiches de renseignement originales
- CVE-2020-1573
- CVE-2020-1497
- CVE-2020-1583
- CVE-2020-1495
- CVE-2020-1494
- CVE-2020-1499
- CVE-2020-1498
- CVE-2020-1563
- CVE-2020-1483
- CVE-2020-1582
- CVE-2020-1580
- CVE-2020-1505
- CVE-2020-1581
- CVE-2020-1504
- CVE-2020-1502
- CVE-2020-1501
- CVE-2020-1500
- CVE-2020-1503
- CVE-2020-1496
Exploitation
Public exploits exist for this vulnerability.
Produits associés
Liste CVE
- CVE-2020-1493 high
- CVE-2020-1573 high
- CVE-2020-1497 high
- CVE-2020-1583 critical
- CVE-2020-1495 critical
- CVE-2020-1494 critical
- CVE-2020-1499 high
- CVE-2020-1498 critical
- CVE-2020-1563 critical
- CVE-2020-1483 critical
- CVE-2020-1582 critical
- CVE-2020-1580 high
- CVE-2020-1505 high
- CVE-2020-1581 critical
- CVE-2020-1504 critical
- CVE-2020-1502 high
- CVE-2020-1501 high
- CVE-2020-1500 high
- CVE-2020-1503 high
- CVE-2020-1496 critical
Liste KB
- 4484476
- 4484191
- 4484379
- 4484359
- 4484465
- 4484449
- 4484354
- 4484461
- 4484470
- 4484462
- 4484375
- 4484487
- 4484486
- 4484484
- 4484481
- 4484366
- 4484183
- 4484478
- 4484479
- 4484431
- 4484472
- 4484473
- 4484346
- 4484471
- 4484340
- 4484474
- 4484475
- 4484385
- 4484494
- 4484495
- 4484497
- 4484490
- 4484492
- 4484498
En savoir plus
Découvrez les statistiques de la propagation des vulnérabilités dans votre région statistics.securelist.com
Vous avez trouvé une inexactitude dans la description de cette vulnérabilité ? Faites-le nous savoir !