Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Rich Text Edit Control can be exploited remotely to obtain sensitive information.
2. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
4. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
5. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
6. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely to obtain sensitive information.
7. A remote code execution vulnerability in Microsoft Word can be exploited remotely to execute arbitrary code.
8. An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2021-40454
  CVE-2021-41344
  CVE-2021-40481
  CVE-2021-40483
  CVE-2021-40473
  CVE-2021-40487
  CVE-2021-40482
  CVE-2021-40480
  CVE-2021-40486
  CVE-2021-40485
  CVE-2021-40479
  CVE-2021-40471
  CVE-2021-40474
  CVE-2021-40484
  CVE-2021-40472
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Office
• Microsoft-Excel
• Microsoft-SharePoint

Список CVE

• CVE-2021-40454
  high
• CVE-2021-41344
  critical
• CVE-2021-40481
  critical
• CVE-2021-40483
  critical
• CVE-2021-40473
  critical
• CVE-2021-40487
  critical
• CVE-2021-40482
  critical
• CVE-2021-40480
  critical
• CVE-2021-40486
  critical
• CVE-2021-40485
  critical
• CVE-2021-40479
  critical
• CVE-2021-40471
  critical
• CVE-2021-40474
  critical
• CVE-2021-40484
  critical
• CVE-2021-40472
  high

Список KB

• 5001960
• 5001985
• 5002029
• 5002043
• 5002004
• 4461476
• 5002036
• 5001924
• 5002027
• 5002042
• 5001982
• 5002006
• 5002030
• 4493202
• 5002028
• 4018332

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com