Kaspersky ID:
KLA12175
Дата обнаружения:
11/05/2021
Обновлено:
22/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, obtain sensitive information.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely to execute arbitrary code.
  2. A spoofing vulnerability in Skype for Business and Lync can be exploited remotely to spoof user interface.
  3. A remote code execution vulnerability in Skype for Business and Lync can be exploited remotely to execute arbitrary code.
  4. An information disclosure vulnerability in Microsoft Office can be exploited remotely to obtain sensitive information.
  5. A remote code execution vulnerability in Microsoft Jet Red Database Engine and Access Connectivity Engine can be exploited remotely to execute arbitrary code.
  6. A spoofing vulnerability in Microsoft SharePoint can be exploited remotely to spoof user interface.
  7. A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
  8. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
  9. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
  10. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely to obtain sensitive information.
  11. An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
  12. An information disclosure vulnerability in Microsoft SharePoint can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2021-28455
    high
  • CVE-2021-31181
    high
  • CVE-2021-26421
    high
  • CVE-2021-26422
    high
  • CVE-2021-31178
    warning
  • CVE-2021-26418
    high
  • CVE-2021-31179
    high
  • CVE-2021-31180
    high
  • CVE-2021-28478
    high
  • CVE-2021-28474
    high
  • CVE-2021-31172
    high
  • CVE-2021-31177
    high
  • CVE-2021-31173
    warning
  • CVE-2021-31176
    high
  • CVE-2021-31174
    warning
  • CVE-2021-31175
    high
  • CVE-2021-31171
    warning

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Узнай больше об угрозах и векторах атаки на Энциклопедии Kaspersky
Бесплатно
Читать
Kaspersky Premium
Комплексное решение для защиты вашей цифровой жизни
Премиум
Скачать
Confirm changes?
Your message has been sent successfully.