Multiple vulnerability in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, gain privileges, execute arbitrary code.

Below is a complete list of vulnerabilities:

1. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
2. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to gain privileges.
3. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
4. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
5. An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted request to gain privileges.

Первичный источник обнаружения

• CVE-2019-1070
  CVE-2019-1329
  CVE-2019-1328
  CVE-2019-1331
  CVE-2019-1327
  CVE-2019-1330
  

Связанные продукты

• Microsoft-Office
• Microsoft-Excel

Список CVE

• CVE-2019-1070
  warning
• CVE-2019-1329
  warning
• CVE-2019-1328
  warning
• CVE-2019-1331
  critical
• CVE-2019-1327
  critical
• CVE-2019-1330
  warning

Список KB

• 4484122
• 4484111
• 4475554
• 4484110
• 4475569
• 4484131
• 4475558
• 4484130
• 4462176
• 4484112
• 4484123
• 4462215
• 4475595
• 4475608

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com