Multiple vulnerabilities in Microsoft Office

Описание

Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
2. A remote code execution vulnerability in Microsoft PowerPoint can be exploited remotely via specially crafted file to execute arbitrary code.
3. An information disclosure vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to obtain sensitive information.
4. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
5. A remote code execution vulnerability in Microsoft Graphics Components can be exploited remotely via specially crafted file to execute arbitrary code.
6. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web requests to gain privileges.
7. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web requests to gain privileges.
8. A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
9. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.

Первичный источник обнаружения

• CVE-2018-8488
  CVE-2018-8501
  CVE-2018-8427
  CVE-2018-8518
  CVE-2018-8432
  CVE-2018-8498
  CVE-2018-8480
  CVE-2018-8504
  CVE-2018-8502
  ADV180026
  

Связанные продукты

• Microsoft-Office
• Microsoft-Excel
• Microsoft-Word

Список CVE

• CVE-2018-8432
  critical
• CVE-2018-8427
  warning
• CVE-2018-8488
  warning
• CVE-2018-8501
  critical
• CVE-2018-8518
  warning
• CVE-2018-8498
  warning
• CVE-2018-8480
  warning
• CVE-2018-8504
  critical
• CVE-2018-8502
  critical

Список KB

• 4092464
• 4461448
• 4092481
• 4092482
• 4092477
• 4461466
• 4461447
• 4092444
• 4461449
• 4461457
• 4092439
• 4227167
• 4461460
• 4227170
• 4092453
• 4461450
• 4092437
• 4461440
• 4022138
• 4092483
• 4461437
• 4461434
• 4461445

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com