Описание
Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information, bypass security restrictions or execute arbitrary code.
Below is a complete list of vulnerabilities:
- An improper handling of objects in memory in Microsoft Access can be exploited locally via a specially designed document to execute arbitrary code;
- An incorrect checking of macro settings in Microsoft Office Excel can be exploited locally via a specially designed document to bypass security restrictions;
- An improper handling of requests in Microsoft SharePoint can be exploited remotely via a specially designed request to gain privileges;
- Out-of-bound vulnerability in Microsoft Office can be exploited locally via a specially designed document to obtain sensitive information;
- Memory corruption vulnerability in Microsoft Office can be exploited locally via a specially crafted document or remotely via a specially designed website to execute arbitrary code;
- An improper tenant permissions verification in Microsoft SharePoint Server can be exploited remotely via a specially designed request to gain privileges.
Первичный источник обнаружения
- CVE-2018-0903
CVE-2018-0907
CVE-2018-0909
CVE-2018-0910
CVE-2018-0911
CVE-2018-0912
CVE-2018-0913
CVE-2018-0914
CVE-2018-0915
CVE-2018-0916
CVE-2018-0917
CVE-2018-0919
CVE-2018-0921
CVE-2018-0922
CVE-2018-0923
CVE-2018-0944
CVE-2018-0947
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
Список CVE
- CVE-2018-0903 high
- CVE-2018-0907 high
- CVE-2018-0909 high
- CVE-2018-0910 high
- CVE-2018-0911 high
- CVE-2018-0912 high
- CVE-2018-0913 high
- CVE-2018-0914 high
- CVE-2018-0915 high
- CVE-2018-0916 high
- CVE-2018-0917 high
- CVE-2018-0919 warning
- CVE-2018-0921 high
- CVE-2018-0922 critical
- CVE-2018-0923 high
- CVE-2018-0944 high
- CVE-2018-0947 high
Список KB
- 3114416
- 4011023
- 4011234
- 4011665
- 4011673
- 4011674
- 4011675
- 4011688
- 4011692
- 4011695
- 4011705
- 4011709
- 4011714
- 4011720
- 4011721
- 4011727
- 4011730
- 4018291
- 4018293
- 4018298
- 4018304
- 4018305
- 4018309
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!