Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
2. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
3. An information disclosure vulnerability in Skype for Android can be exploited remotely to obtain sensitive information.
4. A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
5. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted web to obtain sensitive information.
6. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted page to execute arbitrary code.
7. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
8. A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.

Первичный источник обнаружения

• CVE-2019-0958
  CVE-2019-0951
  CVE-2019-0932
  CVE-2019-0946
  CVE-2019-0956
  CVE-2019-0952
  CVE-2019-0963
  CVE-2019-0950
  CVE-2019-0953
  CVE-2019-0945
  CVE-2019-0957
  CVE-2019-0949
  CVE-2019-0947
  

Связанные продукты

• Microsoft-Word

Список CVE

• CVE-2019-0958
  high
• CVE-2019-0951
  warning
• CVE-2019-0932
  warning
• CVE-2019-0946
  critical
• CVE-2019-0956
  warning
• CVE-2019-0952
  high
• CVE-2019-0963
  warning
• CVE-2019-0950
  warning
• CVE-2019-0953
  critical
• CVE-2019-0945
  critical
• CVE-2019-0957
  high
• CVE-2019-0949
  warning
• CVE-2019-0947
  critical

Список KB

• 4464564
• 4464556
• 4464573
• 4464561
• 4464567
• 4464551
• 4464549
• 4464536
• 4462169

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com