Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

KLA11396 Multiple vulnerabilities in Microsoft Office

🗓️ 08 Jan 2019 00:00:00Reported by Kaspersky LabType 
kaspersky
 kaspersky🔗 threats.kaspersky.com👁 215 Views

Multiple vulnerabilities in Microsoft Office allowing for information disclosure, code execution, privilege escalation, and UI spoofin

Related
Refs
ReporterTitlePublishedViews
Family
0day.today		Microsoft Windows MSHTML Engine - (Edit) Remote Code Execution Exploit
13 Mar 201900:00
zdt
Gitee		Exploit for CVE-2014-4878
28 Mar 202000:48
gitee
ATTACKERKB		CVE-2019-0541
8 Jan 201900:00
attackerkb
BDU FSTEC		The vulnerability of the Windows operating system arises from an operation that goes beyond the buffer boundaries in memory, allowing a hacker to execute arbitrary code.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the MSHTML mechanism in the Internet Explorer browser and the Microsoft Office suite allows a hacker to execute arbitrary code.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft SharePoint Server software lies in the lack of measures taken to protect the structure of web pages. This allows attackers to carry out cross-site scripting attacks.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft SharePoint Server software lies in the lack of measures taken to protect the structure of web pages. This allows attackers to carry out cross-site scripting attacks.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft SharePoint Server software lies in the lack of measures taken to protect the structure of web pages. This allows attackers to carry out cross-site scripting attacks.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office software package lies in the lack of protection for operational data, which allows attackers to gain access to protected information.
18 Jan 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office software package lies in the lack of protection for operational data, which allows attackers to gain access to protected information.
18 Jan 201900:00
bdu_fstec
Rows per page
SourceLink
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0560
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0559
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0541
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0562
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0556
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0558
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0622
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0557
portalwww.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0561
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
22 Jan 2024 00:00Current
9.1High risk
Vulners AI Score9.1
CVSS 3.18.8
CVSS 29.3
CVSS 38.8
EPSS0.53202
SSVC
microsoft officemicrosoft outlookmshtml enginemicrosoft sharepointskype for androidcve-2019-0560cve-2019-0559cve-2019-0541cve-2019-0562cve-2019-0556cve-2019-0558cve-2019-0622cve-2019-0585cve-2019-0557cve-2019-0561cve-2019-0538cve-2019-0582information disclosureremote code executionelevation of privilegecross-site scriptingsensitive informationarbitrary codeui spoofingpublic exploitsmalwaremicrosoft-officemicrosoft-outlookmicrosoft-excelmicrosoft-word
215