Описание
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information.
Below is a complete list of vulnerabilities:
- A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Skype for Business and Lync can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Skype for Business and Lync can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft Office can be exploited remotely to obtain sensitive information.
- A remote code execution vulnerability in Microsoft Jet Red Database Engine and Access Connectivity Engine can be exploited remotely to execute arbitrary code.
- A spoofing vulnerability in Microsoft SharePoint can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
- An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
- An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely to obtain sensitive information.
Первичный источник обнаружения
- CVE-2021-31181
CVE-2021-26421
CVE-2021-26422
CVE-2021-31178
CVE-2021-28455
CVE-2021-26418
CVE-2021-31179
CVE-2021-31180
CVE-2021-28478
CVE-2021-28474
CVE-2021-31172
CVE-2021-31177
CVE-2021-31173
CVE-2021-31176
CVE-2021-31174
CVE-2021-31175
CVE-2021-31171
Эксплуатация
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Связанные продукты
- Microsoft-Lync
- Microsoft-Office
- Microsoft-Excel
- Microsoft-Word
- Microsoft-Windows
- Microsoft-Windows-Server
- Microsoft-Windows-Server-2012
- Microsoft-Windows-8
- Microsoft-Windows-7
- Microsoft-Windows-Server-2008
- Windows-RT
- Microsoft-Lync-Server
- Microsoft-Windows-10
Список CVE
- CVE-2021-28455 high
- CVE-2021-31181 high
- CVE-2021-26421 high
- CVE-2021-26422 high
- CVE-2021-31178 warning
- CVE-2021-26418 high
- CVE-2021-31179 high
- CVE-2021-31180 high
- CVE-2021-28478 high
- CVE-2021-28474 high
- CVE-2021-31172 high
- CVE-2021-31177 high
- CVE-2021-31173 warning
- CVE-2021-31176 high
- CVE-2021-31174 warning
- CVE-2021-31175 high
- CVE-2021-31171 warning
Список KB
- 5001914
- 5001931
- 5001919
- 5001917
- 4493197
- 5003729
- 4464542
- 5001920
- 5001927
- 5001923
- 4493206
- 5001918
- 5001916
- 5001928
- 5001936
- 5001925
- 5001935
- 4504711
- 4484527
Смотрите также
Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com
Нашли неточность в описании этой уязвимости? Дайте нам знать!