Описание
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted email to execute arbitrary code.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to gain privileges.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Skype for Business can be exploited remotely via specially designed e-mail to cause denial of service.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
- A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Project can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to obtain sensitive information.
- A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
Первичный источник обнаружения
- CVE-2018-8582
CVE-2018-8558
CVE-2018-8576
CVE-2018-8568
CVE-2018-8572
CVE-2018-8522
CVE-2018-8539
CVE-2018-8546
CVE-2018-8579
CVE-2018-8573
CVE-2018-8575
CVE-2018-8574
CVE-2018-8524
CVE-2018-8578
CVE-2018-8577
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Lync
- Microsoft-Office-Access
- Microsoft-Office-PowerPoint
- Microsoft-Office-Visio-2007
- Microsoft-Office-Visio
- Microsoft-Office-Professional-Plus-2010
- Microsoft-Office
- Microsoft-Outlook
- Microsoft-Excel
Список CVE
- CVE-2018-8582 critical
- CVE-2018-8558 warning
- CVE-2018-8576 critical
- CVE-2018-8568 warning
- CVE-2018-8572 warning
- CVE-2018-8522 critical
- CVE-2018-8539 critical
- CVE-2018-8546 warning
- CVE-2018-8579 warning
- CVE-2018-8573 critical
- CVE-2018-8575 critical
- CVE-2018-8574 critical
- CVE-2018-8524 critical
- CVE-2018-8578 warning
- CVE-2018-8577 critical
Список KB
- 4461486
- 4461506
- 4461529
- 4461501
- 4461483
- 4461513
- 4461511
- 4461520
- 3114565
- 4461527
- 4461473
- 4461487
- 4461504
- 4461485
- 4461524
- 4461526
- 4461489
- 4461478
- 4022147
- 4461503
- 4011190
- 4032218
- 4461519
- 4092473
- 4022232
- 4461530
- 4461488
- 4461518
- 4022237
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!