PT-2019-2684 · Microsoft · Office
Publicado
2019-07-09
·
Atualizado
2019-07-29
·
CVE-2019-1109
CVSS v3.1
9.1
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N |
Name of the Vulnerable Software and Affected Versions
Microsoft Office (affected versions not specified)
Description
A spoofing issue exists due to Microsoft Office Javascript not validating the web page requesting access to Office documents. This could allow an attacker to read or write information in Office documents. The security update corrects how Microsoft Office Javascript verifies trusted web pages.
Recommendations
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
RCE
Authentication Bypass by Spoofing
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Identificadores relacionados
Produtos afetados
Office