6 matches found
CVE-2019-1445
A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly, aka 'Microsoft Office Online Spoofing Vulnerability'. This CVE ID is unique from CVE-2019-1447...
CVE-2019-1445
The vulnerability CVE-2019-1445 affects Microsoft Office Online/Office Online Server, resulting from improper validation of the origin in cross-origin communication handlers. This root cause enables spoofing via cross-origin requests when Office Online handles cross-domain messages. Evidence from...
Description of the security update for Office Online Server: November 12, 2019
Description of the security update for Office Online Server: November 12, 2019 Summary This security update resolves a spoofing vulnerability that exists when Office Online does not validate origin in cross-origin communications handlers correctly. To learn more about the vulnerability, see the...
KLA11604 Multiple vulnerabilities in Microsoft Office
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to obtain sensitive information, bypass security restrictions, spoof user interface, execute arbitrary code. Below is a complete list of vulnerabilities: 1. An information disclosure...
Microsoft Office Online CVE-2019-1445 Spoofing Vulnerability
Description Microsoft Office Online is prone to a security vulnerability that may allow attackers to conduct spoofing attacks. An attacker can exploit this issue to conduct spoofing attacks and perform unauthorized actions; other attacks are also possible. Technologies Affected Microsoft Office...
Security Updates for Microsoft Office Online Server (November 2019)
The Microsoft Office Online Server installation on the remote host is missing security updates. It is, therefore, affected by multiple vulnerabilities : - A spoofing vulnerability exists when Office Online does not validate origin in cross-origin communications handlers correctly. An attacker cou...