Описание
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, spoof user interface, execute arbitrary code, gain privileges.
Below is a complete list of vulnerabilities:
- An information disclosure vulnerability in Microsoft Outlook can be exploited remotely to obtain sensitive information.
- A cross-site-scripting (XSS) vulnerability Microsoft Office SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Microsoft Word can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A spoofing vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web to spoof user interface.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely via specially crafted file to execute arbitrary code.
- A memory corruption vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Access can be exploited remotely via specially crafted file to execute arbitrary code.
- An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted application to obtain sensitive information.
- An elevation of privilege vulnerability in Microsoft Office Click-to-Run can be exploited remotely via specially crafted application to gain privileges.
Первичный источник обнаружения
- CVE-2020-1493
CVE-2020-1573
CVE-2020-1497
CVE-2020-1583
CVE-2020-1495
CVE-2020-1494
CVE-2020-1499
CVE-2020-1498
CVE-2020-1563
CVE-2020-1483
CVE-2020-1582
CVE-2020-1580
CVE-2020-1505
CVE-2020-1581
CVE-2020-1504
CVE-2020-1502
CVE-2020-1501
CVE-2020-1500
CVE-2020-1503
CVE-2020-1496
Связанные продукты
Список CVE
- CVE-2020-1493 high
- CVE-2020-1573 high
- CVE-2020-1497 high
- CVE-2020-1583 critical
- CVE-2020-1495 critical
- CVE-2020-1494 critical
- CVE-2020-1499 high
- CVE-2020-1498 critical
- CVE-2020-1563 critical
- CVE-2020-1483 warning
- CVE-2020-1582 critical
- CVE-2020-1580 high
- CVE-2020-1505 high
- CVE-2020-1581 critical
- CVE-2020-1504 critical
- CVE-2020-1502 high
- CVE-2020-1501 high
- CVE-2020-1500 high
- CVE-2020-1503 high
- CVE-2020-1496 critical
Список KB
- 4484476
- 4484191
- 4484379
- 4484359
- 4484465
- 4484449
- 4484354
- 4484461
- 4484470
- 4484462
- 4484375
- 4484487
- 4484486
- 4484484
- 4484481
- 4484366
- 4484183
- 4484478
- 4484479
- 4484431
- 4484472
- 4484473
- 4484346
- 4484471
- 4484340
- 4484474
- 4484475
- 4484385
- 4484494
- 4484495
- 4484497
- 4484490
- 4484492
- 4484498
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!