Multiple vulnerabilities in Microsoft Office

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, execute arbitrary code, spoof user interface.

Below is a complete list of vulnerabilities:

1. An information disclosure vulnerability in Rich Text Edit Control can be exploited remotely to obtain sensitive information.
2. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
3. A remote code execution vulnerability in Microsoft Office Visio can be exploited remotely to execute arbitrary code.
4. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
5. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
6. An information disclosure vulnerability in Microsoft SharePoint Server can be exploited remotely to obtain sensitive information.
7. A remote code execution vulnerability in Microsoft Word can be exploited remotely to execute arbitrary code.
8. An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.

Первичный источник обнаружения

• CVE-2021-40454
  CVE-2021-41344
  CVE-2021-40481
  CVE-2021-40483
  CVE-2021-40473
  CVE-2021-40487
  CVE-2021-40482
  CVE-2021-40480
  CVE-2021-40486
  CVE-2021-40485
  CVE-2021-40479
  CVE-2021-40471
  CVE-2021-40474
  CVE-2021-40484
  CVE-2021-40472
  

Эксплуатация

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

• Microsoft-Office
• Microsoft-Excel
• Microsoft-SharePoint

Список CVE

• CVE-2021-40454
  warning
• CVE-2021-41344
  high
• CVE-2021-40481
  high
• CVE-2021-40483
  warning
• CVE-2021-40473
  high
• CVE-2021-40487
  high
• CVE-2021-40482
  warning
• CVE-2021-40480
  high
• CVE-2021-40486
  high
• CVE-2021-40485
  high
• CVE-2021-40479
  high
• CVE-2021-40471
  high
• CVE-2021-40474
  high
• CVE-2021-40484
  warning
• CVE-2021-40472
  warning

Список KB

• 5001960
• 5001985
• 5002029
• 5002043
• 5002004
• 4461476
• 5002036
• 5001924
• 5002027
• 5002042
• 5001982
• 5002006
• 5002030
• 4493202
• 5002028
• 4018332

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com