Multiple vulnerabilities in Microsoft Office

Descripción

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
2. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
3. An information disclosure vulnerability in Skype for Android can be exploited remotely to obtain sensitive information.
4. A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
5. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted web to obtain sensitive information.
6. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted page to execute arbitrary code.
7. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
8. A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.

Notas informativas originales

• CVE-2019-0958

• CVE-2019-0951
• CVE-2019-0932
• CVE-2019-0946
• CVE-2019-0956
• CVE-2019-0952
• CVE-2019-0963
• CVE-2019-0950
• CVE-2019-0953
• CVE-2019-0945
• CVE-2019-0957
• CVE-2019-0949
• CVE-2019-0947

Productos relacionados

• Microsoft-Word

Lista CVE

• CVE-2019-0958
  high
• CVE-2019-0951
  warning
• CVE-2019-0932
  warning
• CVE-2019-0946
  critical
• CVE-2019-0956
  warning
• CVE-2019-0952
  high
• CVE-2019-0963
  warning
• CVE-2019-0950
  warning
• CVE-2019-0953
  critical
• CVE-2019-0945
  critical
• CVE-2019-0957
  high
• CVE-2019-0949
  warning
• CVE-2019-0947
  critical

Lista KB

• 4464564
• 4464556
• 4464573
• 4464561
• 4464567
• 4464551
• 4464549
• 4464536
• 4462169

Leer más

Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com