Kaspersky ID:
KLA11113
Дата обнаружения:
10/10/2017
Обновлено:
19/07/2024

Описание

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information perform cross-site scripting and privilege escalations Below is a complete list of vulnerabilities:

  1. Multiple vulnerabilities related to an improper handling of objects in memory in Microsoft Office can be exploited locally via a specially designed file to execute arbitrary code;
  2. Multiple vulnerabilities in Microsoft SharePoint can be exploited remotely via specially designed web request to perform cross-site scripting;
  3. A vulnerability in Microsoft Outlook can be exploited via specially crafted document file to execute arbitrary code;
  4. A vulnerability in Microsoft Outlook can be exploited remotely to obtain sensitive information;
  5. A vulnerability in Skype for Business can be exploited remotely via specially designed authentication request to cause privilage escalation.

Technical details

NB: Not every vulnerability already has CVSS rating, so cumulative CVSS rating can be not representative. NB: At this moment VENDOR has just reserved CVE numbers for these vulnerabilities. Information can be changed soon.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2017-11774
    critical
  • CVE-2017-11775
    high
  • CVE-2017-11776
    critical
  • CVE-2017-11777
    high
  • CVE-2017-11786
    critical
  • CVE-2017-11820
    high
  • CVE-2017-11825
    critical
  • CVE-2017-11826
    critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.