Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain priveleges and obtain sensitive information. Below is a complete list of vulnerabilities:

1. Remote code execution vulnerability in Microsoft Office software can be exploited via specially crafted file to execute arbitrary code;
2. An elevation of privilege vulnerability in Microsoft Outlook software can be exploited via specially crafted file to gain priveleges;
3. An elevation of privilege vulnerability in Microsoft SharePoint Server software can be exploited via specially crafted request to gain priveleges;
4. An information disclosure vulnerability in Microsoft Office software can be exploited via specially crafted file to obtain sensitive information.

Первичный источник обнаружения

• CVE-2018-0850
  CVE-2018-0851
  CVE-2018-0852
  CVE-2018-0853
  CVE-2018-0864
  CVE-2018-0869
  CVE-2018-0841
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Office
• Microsoft-Outlook
• Microsoft-Sharepoint-Server

Список CVE

• CVE-2018-0850
  warning
• CVE-2018-0851
  critical
• CVE-2018-0852
  critical
• CVE-2018-0853
  warning
• CVE-2018-0864
  warning
• CVE-2018-0869
  warning
• CVE-2018-0841
  critical

Список KB

• 4011200
• 4011682
• 4011711
• 4011697
• 4011690
• 4011686
• 4011707
• 4011703
• 4011715
• 3172459
• 4011143
• 3114874
• 4011680
• 4011701

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com