Kaspersky Threats

Описание

Multiple serious vulnerabilities have been found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, obtain sensitive information and execute arbitrary code.

Below is a complete list of vulnerabilities:

An improper font handling in the Office graphics component can be exploited remotely via specially crafted document or website to execute arbitrary code;
An unspecified vulnerability can be exploited remotely via specially crafted RTF document to obtain sensitive information;
Multiple vulnerabilities related to improper request handling in Microsoft SharePoint Server can be exploited remotely via specially crafted URL to gain privileges;
Multiple memory corruption vulnerabilities in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code;
Multiple memory corruption vulnerabilities in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code;
An unspecified vulnerability can be exploited remotely via specially crafted document to obtain sensitive information.

Первичный источник обнаружения

CVE-2018-1028
CVE-2018-0950
CVE-2018-1014
CVE-2018-1034
CVE-2018-1027
CVE-2018-1029
CVE-2018-1032
CVE-2018-1030
CVE-2018-1026
CVE-2018-1005
CVE-2018-1011
CVE-2018-1007
CVE-2018-0920

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

CVE-2018-1028
critical
CVE-2018-0950
warning
CVE-2018-1014
warning
CVE-2018-1034
warning
CVE-2018-1027
critical
CVE-2018-1029
critical
CVE-2018-1032
warning
CVE-2018-1030
critical
CVE-2018-1026
critical
CVE-2018-1005
warning
CVE-2018-1011
critical
CVE-2018-1007
warning
CVE-2018-0920
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!