Kaspersky ID:
KLA50773
Дата обнаружения:
11/07/2023
Обновлено:
25/01/2024

Описание

Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, gain privileges, bypass security restrictions, obtain sensitive information, spoof user interface.

Below is a complete list of vulnerabilities:

  1. A remote code execution vulnerability in Microsoft Excel can be exploited remotely to execute arbitrary code.
  2. An elevation of privilege vulnerability in Microsoft Office can be exploited remotely to gain privileges.
  3. A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
  4. A remote code execution vulnerability in Microsoft Office Graphics can be exploited remotely to execute arbitrary code.
  5. A security feature bypass vulnerability in Microsoft SharePoint Server can be exploited remotely to bypass security restrictions.
  6. A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely to execute arbitrary code.
  7. A security feature bypass vulnerability in Microsoft Office can be exploited remotely to bypass security restrictions.
  8. A remote code execution vulnerability in Microsoft ActiveX can be exploited remotely to execute arbitrary code.
  9. An information disclosure vulnerability in Microsoft Excel can be exploited remotely to obtain sensitive information.
  10. A security feature bypass vulnerability in Microsoft Outlook can be exploited remotely to bypass security restrictions.
  11. A remote code execution vulnerability in Microsoft Outlook can be exploited remotely to execute arbitrary code.
  12. A spoofing vulnerability in Microsoft SharePoint Server can be exploited remotely to spoof user interface.
  13. A spoofing vulnerability in Microsoft Outlook can be exploited remotely to spoof user interface.

Первичный источник обнаружения

Эксплуатация

Public exploits exist for this vulnerability.

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

Связанные продукты

Список CVE

  • CVE-2023-33161
    critical
  • CVE-2023-33148
    critical
  • CVE-2023-33158
    critical
  • CVE-2023-33160
    critical
  • CVE-2023-33149
    critical
  • CVE-2023-33165
    critical
  • CVE-2023-33157
    critical
  • CVE-2023-33150
    critical
  • CVE-2023-33152
    critical
  • CVE-2023-33162
    high
  • CVE-2023-33134
    critical
  • CVE-2023-35311
    critical
  • CVE-2023-33153
    critical
  • CVE-2023-33159
    critical
  • CVE-2023-33151
    high

Список KB

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com

Нашли неточность в описании этой уязвимости? Дайте нам знать!
Узнай больше об угрозах и векторах атаки на Энциклопедии Kaspersky
Бесплатно
Читать
Kaspersky Premium
Комплексное решение для защиты вашей цифровой жизни
Премиум
Скачать
Confirm changes?
Your message has been sent successfully.