Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

KLA11512 Multiple vulnerabilities in Microsoft Office

🗓️ 09 Jul 2019 00:00:00Reported by Kaspersky LabType 
kaspersky
 kaspersky🔗 threats.kaspersky.com👁 72 Views

Multiple vulnerabilities in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, and spoof user interface. Public exploits and malware exist for these vulnerabilities. Install necessary updates from the KB section to fix the issues

Related
Refs
ReporterTitlePublishedViews
Family
BDU FSTEC		The vulnerability of the Microsoft.NET Framework software platform, the Microsoft SharePoint Server, Microsoft SharePoint Enterprise Server, and the Microsoft SharePoint Foundation software for electronic document management, is related to implementation errors in authentication procedures, which allow attackers to escalate their privileges.
18 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the JavaScript script handler in the Microsoft Office software allows a hacker to read or write arbitrary data.
18 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office suite relates to errors in memory object handling, allowing an attacker to execute arbitrary code.
18 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office suite relates to errors in memory object handling, allowing an attacker to execute arbitrary code.
18 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office suite, related to errors in memory object handling, allows an intruder to gain unauthorized access to protected information.
18 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft SharePoint software package arises from insufficient cleaning of data provided by users, allowing attackers to carry out cross-site scripting attacks.
23 Jul 201900:00
bdu_fstec
BDU FSTEC		The vulnerabilities of Microsoft Exchange Server, Microsoft Lync and Skype for Business messaging programs, Microsoft Outlook and Outlook for iOS email clients, as well as Microsoft Office and Office 365 software packages, are related to the lack of protection for mission-critical data. This makes it possible for attackers to disclose protected information.
23 Jul 201900:00
bdu_fstec
Circl		CVE-2019-1134
28 Feb 202520:27
circl
CNVD		Microsoft SharePoint Cross-Site Scripting Vulnerability (CNVD-2019-27701)
10 Jul 201900:00
cnvd
Check Point Advisories		Microsoft Excel Information Disclosure (CVE-2019-1112)
9 Jul 201900:00
checkpoint_advisories
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
22 Jan 2024 00:00Current
9.3High risk
Vulners AI Score9.3
CVSS 29.3
CVSS 39.1
CVSS 3.15.4
EPSS0.1316
SSVC
microsoft officevulnerabilitiesexploitarbitrary code executionsensitive informationspoofingpublic exploitsmalwaremicrosoft excelmicrosoft exchangemicrosoft office sharepointmicrosoft lyncmicrosoft outlookcve-2019-1110cve-2019-1084cve-2019-1111cve-2019-1109cve-2019-1112cve-2019-1134cve-2019-1006kb update
72