Kaspersky ID:
KLA11577
Дата обнаружения:
08/10/2019
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

  1. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
  2. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
  3. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
  4. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
  5. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted request to gain privileges.

Первичный источник обнаружения

Связанные продукты

Список CVE

  • CVE-2019-1070
    warning
  • CVE-2019-1329
    warning
  • CVE-2019-1328
    warning
  • CVE-2019-1331
    critical
  • CVE-2019-1327
    critical
  • CVE-2019-1330
    warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Confirm changes?
Your message has been sent successfully.