PT-2019-3915 · Microsoft · Office

Publicado

2019-11-12

Atualizado

2020-08-24

CVE-2019-1457

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Office (affected versions not specified)

Description The issue is related to insufficient input validation in Microsoft Office, which can be exploited by a remote attacker using a specially crafted file to execute arbitrary code. A security feature bypass exists in Microsoft Office software due to the lack of enforcement of macro settings on an Excel document.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Incorrect Permission

RCE

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-732CWE-20

Identificadores relacionados

BDU:2019-04367

CVE-2019-1457

Produtos afetados

Office

PT-2019-3915 · Microsoft · Office

CVE-2019-1457

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 4