Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in

Vulnerabilities fixed in Microsoft Office products

🗓️ 11 Aug 2020 00:00:00Reported by NCSCType 
ncsc
 ncsc🔗 advisories.ncsc.nl👁 2 Views

Microsoft fixed Office and SharePoint vulnerabilities that could allow remote code execution or data access.

Related
ReporterTitlePublishedViews
Family
Information Security Automation		Microsoft Patch Tuesday August 2020: vulnerabilities with Detected Exploitation, useful for phishing and others
30 Aug 202022:13
avleonov
BDU FSTEC		The vulnerability of Microsoft SharePoint Server, SharePoint Foundation, and SharePoint Enterprise Server relates to the lack of protective measures for website structures, allowing attackers to execute cross-site scripting attacks.
28 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Click-to-Run components of Microsoft Office and Office 365, related to memory object processing errors, allows attackers to escalate their privileges.
28 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of Microsoft Word’s text editor, related to errors in memory object handling, allows attackers to exploit this to disclose protected information.
28 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Office suite relates to errors in memory object handling, allowing an attacker to execute arbitrary code.
28 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of Microsoft SharePoint Server, SharePoint Enterprise Server, and Microsoft SharePoint Foundation software for electronic document management exists due to the lack of measures taken to protect the website structure. This vulnerability allows attackers to execute cross-site scripting attacks.
28 Aug 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the relational database management system used by Microsoft Access programs within the Microsoft Office and Office 365 suites allows a perpetrator to execute arbitrary code.
2 Sep 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Outlook email client, as well as Microsoft Office and Microsoft 365 applications, allows attackers to gain control over programs, access data for viewing, modification, or deletion, and create new accounts with full user rights.
9 Sep 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of the Microsoft Outlook email client arises from an operation that occurs outside the buffer in memory, allowing an attacker to disclose protected information.
9 Sep 202000:00
bdu_fstec
BDU FSTEC		The vulnerability of Microsoft Excel editors arises from operations that go beyond buffer boundaries in memory, allowing attackers to execute arbitrary code in the context of the current user.
9 Sep 202000:00
bdu_fstec
Rows per page

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

Book a live demo
11 Aug 2020 00:00Current
6.9Medium risk
Vulners AI Score6.9
CVSS 3.18.8
CVSS 29.3
EPSS0.30325
SSVC
microsoft officesharepoint vulnerabilitiesremote code executiondata accesselevated privileges
2