CVE-2020-1458

Name of the Vulnerable Software and Affected Versions Microsoft Office (affected versions not specified) Microsoft 365 Apps for Enterprise (affected versions not specified)

Description A remote code execution issue exists due to improper input validation before loading dynamic link library (DLL) files. This can be exploited by an attacker to execute arbitrary code using a specially crafted document. The vulnerability is also related to the use of an unreliable path search.

Recommendations For Microsoft Office, at the moment, there is no information about a newer version that contains a fix for this vulnerability. For Microsoft 365 Apps for Enterprise, at the moment, there is no information about a newer version that contains a fix for this vulnerability.