Multiple vulnerabilities in Microsoft Office

説明

Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

1. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted email to execute arbitrary code.
2. A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
3. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
4. A vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
5. A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to gain privileges.
6. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
7. A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
8. A vulnerability in Microsoft Skype for Business can be exploited remotely via specially designed e-mail to cause denial of service.
9. A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
10. A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
11. A vulnerability in Microsoft Project can be exploited remotely via specially crafted file to execute arbitrary code.
12. A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
13. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
14. A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to obtain sensitive information.
15. A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.

オリジナルアドバイザリー

• CVE-2018-8582

• CVE-2018-8558
• CVE-2018-8576
• CVE-2018-8568
• CVE-2018-8572
• CVE-2018-8522
• CVE-2018-8539
• CVE-2018-8546
• CVE-2018-8579
• CVE-2018-8573
• CVE-2018-8575
• CVE-2018-8574
• CVE-2018-8524
• CVE-2018-8578
• CVE-2018-8577

エクスプロイテーション

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

関連製品

• Microsoft-Lync
• Microsoft-Office-Access
• Microsoft-Office-PowerPoint
• Microsoft-Office-Visio-2007
• Microsoft-Office-Visio
• Microsoft-Office-Professional-Plus-2010
• Microsoft-Office
• Microsoft-Outlook
• Microsoft-Excel

CVEリスト

• CVE-2018-8582
  critical
• CVE-2018-8558
  warning
• CVE-2018-8576
  critical
• CVE-2018-8568
  warning
• CVE-2018-8572
  warning
• CVE-2018-8522
  critical
• CVE-2018-8539
  critical
• CVE-2018-8546
  warning
• CVE-2018-8579
  warning
• CVE-2018-8573
  critical
• CVE-2018-8575
  critical
• CVE-2018-8574
  critical
• CVE-2018-8524
  critical
• CVE-2018-8578
  warning
• CVE-2018-8577
  critical

KBリスト

• 4461486
• 4461506
• 4461529
• 4461501
• 4461483
• 4461513
• 4461511
• 4461520
• 3114565
• 4461527
• 4461473
• 4461487
• 4461504
• 4461485
• 4461524
• 4461526
• 4461489
• 4461478
• 4022147
• 4461503
• 4011190
• 4032218
• 4461519
• 4092473
• 4022232
• 4461530
• 4461488
• 4461518
• 4022237

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com