Kaspersky Threats — The page you're looking was not found.<br>But you can see our latest described Vulnerabilities and Threat.

説明

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information, perform cross-site scripting attack, gain privileges.

Below is a complete list of vulnerabilities:

A remote code execution vulnerability in Microsoft Word can be exploited remotely via special crafted file to execute arbitrary code.
A remote code execution vulnerability in Microsoft Project can be exploited remotely via specially crafted file to execute arbitrary code.
A remote code execution vulnerability in .NET Framework, SharePoint Server, and Visual Studio can be exploited remotely via specially crafted document to execute arbitrary code.
A cross-site-scripting (XSS) vulnerability Microsoft SharePoint Reflective can be exploited remotely via specially crafted request to spoof user interface.
A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted to execute arbitrary code.
A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
A cross-site-scripting (XSS) vulnerability in Office Web Apps can be exploited remotely via specially crafted request to spoof user interface.
A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted email to execute arbitrary code.
An information disclosure vulnerability in Microsoft Office can be exploited to obtain sensitive information.
A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
A remote code execution vulnerability in PerformancePoint Services can be exploited remotely via specially crafted document to execute arbitrary code.
A cross-site-scripting (XSS) vulnerability in Microsoft SharePoint Server can be exploited remotely via special crafted web to spoof user interface.
A remote code execution vulnerability in Microsoft Outlook can be exploited to execute arbitrary code.
An elevation of privilege vulnerability in Microsoft OneDrive can be exploited remotely via specially crafted application to gain privileges.
A cross-site-scripting (XSS) vulnerability in Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
An information disclosure vulnerability in Microsoft Office can be exploited remotely via specially crafted file to obtain sensitive information.
A remote code execution vulnerability in DirectWrite can be exploited remotely via specially crafted document to execute arbitrary code.
A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
An elevation of privilege vulnerability in Microsoft Office can be exploited remotely to gain privileges.

オリジナルアドバイザリー

エクスプロイテーション

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVEリスト

CVE-2020-1147
critical
CVE-2020-1409
critical
CVE-2020-1448
critical
CVE-2020-1449
critical
CVE-2020-1454
high
CVE-2020-1458
critical
CVE-2020-1456
high
CVE-2020-1442
high
CVE-2020-1443
high
CVE-2020-1444
warning
CVE-2020-1445
high
CVE-2020-1446
critical
CVE-2020-1447
critical
CVE-2020-1439
critical
CVE-2020-1451
high
CVE-2020-1349
critical
CVE-2020-1465
critical
CVE-2020-1450
high
CVE-2020-1342
high
CVE-2020-1240
critical
CVE-2020-1025
critical

KBリスト

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com

この脆弱性についての記述に不正確な点がありますか？お知らせください！

Multiple vulnerabilities in Microsoft Office

説明