| Reporter | Title | Published | Views | Family All 20 |
|---|---|---|---|---|
| Vulnerabilities of Microsoft Office and Office 365 applications, Office Online Server web servers, and Microsoft Word text editor are caused by an operation that goes beyond buffer boundaries in memory, allowing attackers to execute arbitrary code. | 14 Jun 201900:00 | – | bdu_fstec | |
| CVE-2019-0953 | 16 May 201919:50 | – | circl | |
| Microsoft Word Remote Code Execution Vulnerability (CNVD-2020-20379) | 15 May 201900:00 | – | cnvd | |
| CVE-2019-0953 | 16 May 201918:17 | – | cve | |
| CVE-2019-0953 | 16 May 201918:17 | – | cvelist | |
| Description of the security update for Office Online Server: May 14, 2019 | 14 May 201907:00 | – | mskb | |
| End of support for Office 2016 and Office 2019 | 14 May 201907:00 | – | mskb | |
| KLA11484 Multiple vulnerabilities in Microsoft Office | 14 May 201900:00 | – | kaspersky | |
| Security Update for Microsoft Office (May 2019) (macOS) | 16 May 201900:00 | – | nessus | |
| Security Updates for Microsoft Word Products (May 2019) | 14 May 201900:00 | – | nessus |
| Source | Link |
|---|---|
| nessus | www.nessus.org/u |
| cve | www.cve.mitre.org/cgi-bin/cvename.cgi |
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include('compat.inc');
if (description)
{
script_id(130261);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
script_cve_id("CVE-2019-0953");
script_bugtraq_id(108211);
script_xref(name:"MSKB", value:"4462169");
script_xref(name:"MSFT", value:"MS19-4462169");
script_xref(name:"CEA-ID", value:"CEA-2019-0326");
script_name(english:"Security Updates for Microsoft Office Online Server Apps (May 2019)");
script_set_attribute(attribute:"synopsis", value:
"The Microsoft Office Online Server installation on the remote host is missing a security update.");
script_set_attribute(attribute:"description", value:
"The Microsoft Office Online Server installation on the
remote host is missing a security update. It is, therefore,
affected by the following vulnerability:
- A remote code execution vulnerability exists in
Microsoft Word software when it fails to properly handle
objects in memory. An attacker who successfully
exploited the vulnerability could use a specially
crafted file to perform actions in the security context
of the current user. For example, the file could then
take actions on behalf of the logged-on user with the
same permissions as the current user. (CVE-2019-0953)");
# https://support.microsoft.com/en-us/help/4462169/description-of-the-security-update-for-office-online-server-may-14
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?4bde1dbb");
script_set_attribute(attribute:"solution", value:
"Microsoft has released KB4462169 to address this issue.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-0953");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/05/14");
script_set_attribute(attribute:"patch_publication_date", value:"2019/05/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2019/10/25");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:office_web_apps");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2019-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("office_installed.nasl", "microsoft_owa_installed.nbin", "microsoft_office_compatibility_pack_installed.nbin", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, "Host/patch_management_checks");
exit(0);
}
include('audit.inc');
include('smb_func.inc');
include('smb_hotfixes.inc');
include('smb_hotfixes_fcheck.inc');
include('smb_reg_query.inc');
include('misc_func.inc');
include('install_func.inc');
get_kb_item_or_exit('SMB/MS_Bulletin_Checks/Possible');
bulletin = 'MS19-05';
kbs = make_list('4462169');
if (get_kb_item('Host/patch_management_checks')) hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
get_kb_item_or_exit('SMB/Registry/Enumerated', exit_code:1);
port = kb_smb_transport();
# Get installs of Office Web Apps
owa_installs = get_installs(app_name:'Microsoft Office Web Apps');
if (!empty_or_null(owa_installs))
{
foreach owa_install (owa_installs[1])
{
if (owa_install['Product'] == '2016')
{
oos_path = owa_install['path'];
oos_sp = owa_install['SP'];
}
}
}
vuln = FALSE;
####################################################################
# Office Online Server
####################################################################
if (oos_path && (!isnull(oos_sp) && oos_sp == '0'))
{
path = hotfix_append_path(path:oos_path, value:"ExcelServicesEcs\bin");
if (hotfix_check_fversion(file:'xlsrv.dll', version:'16.0.10344.20001', min_version:'16.0.0.0', path:path, kb:'4462169', product:'Office Online Server') == HCF_OLDER)
vuln = TRUE;
}
if (vuln)
{
replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
hotfix_security_hole();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, 'affected');
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation