PT-2019-1164 · Microsoft · Office Online Server+6
Published
2019-01-08
·
Updated
2020-08-24
·
CVE-2019-0585
CVSS v2.0
10
High
| Vector | AV:N/AC:L/Au:N/C:C/I:C/A:C |
Name of the Vulnerable Software and Affected Versions:
Microsoft Word (affected versions not specified)
Microsoft Office (affected versions not specified)
Microsoft Office Word Viewer (affected versions not specified)
Office 365 ProPlus (affected versions not specified)
Microsoft SharePoint (affected versions not specified)
Microsoft Office Online Server (affected versions not specified)
Microsoft SharePoint Server (affected versions not specified)
Office Web Apps Server (affected versions not specified)
SharePoint Enterprise Server (affected versions not specified)
Description:
A remote code execution issue exists due to improper handling of objects in memory. This could allow a remote attacker to execute arbitrary code using a specially crafted file, performing actions in the security context of the current user.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.
Buffer Overflow
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Office
Office Online Server
Office Word Viewer
Sharepoint Server
Office Word
Office 365 Proplus
Office Web Apps Server