Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to bypass security restrictions, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. A security feature bypass vulnerability in Microsoft OneDrive for Android can be exploited remotely.
2. A memory corruption vulnerability in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
4. A spoofing vulnerability in Microsoft Office Online can be exploited remotely via specially crafted request to spoof user interface.

Первичный источник обнаружения

• CVE-2020-0654
  CVE-2020-0652
  CVE-2020-0653
  CVE-2020-0650
  CVE-2020-0651
  CVE-2020-0647
  

Связанные продукты

• Microsoft-Office
• Microsoft-Excel

Список CVE

• CVE-2020-0654
  high
• CVE-2020-0652
  high
• CVE-2020-0653
  critical
• CVE-2020-0650
  critical
• CVE-2020-0651
  critical
• CVE-2020-0647
  high

Список KB

• 4484221
• 4484236
• 4484234
• 4484243
• 4484217
• 4484227
• 4484223

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com