Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, cause denial of service.

Below is a complete list of vulnerabilities:

1. A remote code execution vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code;
2. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface;
3. A denial of service vulnerability in Skype for Business and Lync Server can be exploited remotely via IMPORTANTTHING to cause denial of service;
4. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.

Первичный источник обнаружения

• CVE-2019-1034
  CVE-2019-1031
  CVE-2019-1032
  CVE-2019-1029
  CVE-2019-1035
  CVE-2019-1033
  CVE-2019-1036
  

Связанные продукты

• Microsoft-Lync
• Microsoft-Word
• Microsoft-Lync-Server

Список CVE

• CVE-2019-1034
  critical
• CVE-2019-1031
  warning
• CVE-2019-1032
  warning
• CVE-2019-1029
  high
• CVE-2019-1035
  critical
• CVE-2019-1033
  warning
• CVE-2019-1036
  warning

Список KB

• 4464596
• 4461619
• 4461621
• 4464594
• 4461611
• 4464590
• 4464602
• 4475511
• 4475512
• 4462178
• 4464597
• 4464571
• 4506009
• 4092442

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com