Windows : Microsoft Bulletins : Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Jul 2019)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.815167

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Jul 2019)

Resumen: This host is missing an important security; update according to Microsoft Office Click-to-Run updates.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Office Click-to-Run updates.

Vulnerability Insight:
Multiple flaws exist due to:

- An error when Microsoft Exchange allows creation of entities with Display
Names having non-printable characters.

- An error when Microsoft Office Javascript does not check the validity of the
web page making a request to Office documents.

- Multiple errors in Microsoft Excel because it fails to properly handle objects in memory.

- An error when Microsoft Excel improperly discloses the contents of its memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code in the context of the current user, read or write information
in Office documents and gain access to sensitive data.

Affected Software/OS:
Microsoft Office 365 (2016 Click-to-Run).

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-1084
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1084
Common Vulnerability Exposure (CVE) ID: CVE-2019-1109
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109
Common Vulnerability Exposure (CVE) ID: CVE-2019-1110
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1110
Common Vulnerability Exposure (CVE) ID: CVE-2019-1111
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1111
Common Vulnerability Exposure (CVE) ID: CVE-2019-1112
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112

Copyright Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.815167
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Jul 2019)
Resumen:	This host is missing an important security; update according to Microsoft Office Click-to-Run updates.
Descripción:	Summary: This host is missing an important security update according to Microsoft Office Click-to-Run updates. Vulnerability Insight: Multiple flaws exist due to: - An error when Microsoft Exchange allows creation of entities with Display Names having non-printable characters. - An error when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents. - Multiple errors in Microsoft Excel because it fails to properly handle objects in memory. - An error when Microsoft Excel improperly discloses the contents of its memory. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code in the context of the current user, read or write information in Office documents and gain access to sensitive data. Affected Software/OS: Microsoft Office 365 (2016 Click-to-Run). Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1084 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1084 Common Vulnerability Exposure (CVE) ID: CVE-2019-1109 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109 Common Vulnerability Exposure (CVE) ID: CVE-2019-1110 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1110 Common Vulnerability Exposure (CVE) ID: CVE-2019-1111 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1111 Common Vulnerability Exposure (CVE) ID: CVE-2019-1112 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1112
Copyright	Copyright (C) 2019 Greenbone AG