Windows : Microsoft Bulletins : Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.0.815660

Kategorie: Windows : Microsoft Bulletins

Titel: Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)

Zusammenfassung: This host is missing an important security; update according to Microsoft Office Click-to-Run updates.

Beschreibung: Summary:
This host is missing an important security
update according to Microsoft Office Click-to-Run updates.

Vulnerability Insight:
Multiple flaws exist due to:

- An error in Microsoft Excel because it fails to properly handle objects in memory.

- An error when Microsoft Excel improperly discloses the contents of its memory.

- An error in the way that Office Click-to-Run (C2R) components handle a specially
crafted file.

- An error in Microsoft Office because it fails to properly handle objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code on affected system, gain access to sensitive information
and escalate privileges.

Affected Software/OS:
Microsoft Office 365 (2016 Click-to-Run).

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2019-1448
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1448
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0886
Common Vulnerability Exposure (CVE) ID: CVE-2019-1446
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446
Common Vulnerability Exposure (CVE) ID: CVE-2019-1449
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1449
Common Vulnerability Exposure (CVE) ID: CVE-2019-1402
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1402

Copyright Copyright (C) 2019 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.0.815660
Kategorie:	Windows : Microsoft Bulletins
Titel:	Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)
Zusammenfassung:	This host is missing an important security; update according to Microsoft Office Click-to-Run updates.
Beschreibung:	Summary: This host is missing an important security update according to Microsoft Office Click-to-Run updates. Vulnerability Insight: Multiple flaws exist due to: - An error in Microsoft Excel because it fails to properly handle objects in memory. - An error when Microsoft Excel improperly discloses the contents of its memory. - An error in the way that Office Click-to-Run (C2R) components handle a specially crafted file. - An error in Microsoft Office because it fails to properly handle objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code on affected system, gain access to sensitive information and escalate privileges. Affected Software/OS: Microsoft Office 365 (2016 Click-to-Run). Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1448 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1448 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0886 Common Vulnerability Exposure (CVE) ID: CVE-2019-1446 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446 Common Vulnerability Exposure (CVE) ID: CVE-2019-1449 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1449 Common Vulnerability Exposure (CVE) ID: CVE-2019-1402 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1402
Copyright	Copyright (C) 2019 Greenbone AG