Kaspersky Threats

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to gain privileges, spoof user interface, obtain sensitive information, execute arbitrary code.

Below is a complete list of vulnerabilities:

An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
An information disclosure vulnerability in Skype for Android can be exploited remotely to obtain sensitive information.
A remote code execution vulnerability in Microsoft Office Access Connectivity Engine can be exploited remotely via specially crafted file to execute arbitrary code.
An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted web to obtain sensitive information.
A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted page to execute arbitrary code.
A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.

Первичный источник обнаружения

CVE-2019-0958
CVE-2019-0951
CVE-2019-0932
CVE-2019-0946
CVE-2019-0956
CVE-2019-0952
CVE-2019-0963
CVE-2019-0950
CVE-2019-0953
CVE-2019-0945
CVE-2019-0957
CVE-2019-0949
CVE-2019-0947

Связанные продукты

Microsoft-Word

Список CVE

CVE-2019-0958
high
CVE-2019-0951
warning
CVE-2019-0932
warning
CVE-2019-0946
critical
CVE-2019-0956
warning
CVE-2019-0952
high
CVE-2019-0963
warning
CVE-2019-0950
warning
CVE-2019-0953
critical
CVE-2019-0945
critical
CVE-2019-0957
high
CVE-2019-0949
warning
CVE-2019-0947
critical

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!