Kaspersky ID:
KLA11774
Дата обнаружения:
12/05/2020
Обновлено:
08/07/2026

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to spoof user interface, execute arbitrary code, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
  2. A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
  3. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely via specially crafted page to execute arbitrary code.
  4. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted to execute arbitrary code.
  5. An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely to obtain sensitive information.
  6. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Список CVE

  • CVE-2020-1099
    high
  • CVE-2020-0901
    critical
  • CVE-2020-1069
    critical
  • CVE-2020-1024
    critical
  • CVE-2020-1100
    high
  • CVE-2020-1101
    high
  • CVE-2020-1023
    critical
  • CVE-2020-1103
    high
  • CVE-2020-1102
    critical
  • CVE-2020-1105
    high
  • CVE-2020-1104
    high
  • CVE-2020-1107
    high
  • CVE-2020-1106
    high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Kaspersky IT Security Calculator:
Оцените ваш профиль кибербезопасности
Узнать больше
Встречай новый Kaspersky!
Каждая минута твоей онлайн-жизни заслуживает топовой защиты.
Узнать больше
Do you want to save your changes?
Your message has been sent successfully.