Mac OS X Local Security Checks : Microsoft Office Multiple Vulnerabilities (Aug 2019)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.815197

Categoría: Mac OS X Local Security Checks

Título: Microsoft Office Multiple Vulnerabilities (Aug 2019) - Mac OS X

Resumen: This host is missing a critical security; update for Microsoft Office 2019 on Mac OS X according to Microsoft security; update August 2019

Descripción: Summary:
This host is missing a critical security
update for Microsoft Office 2019 on Mac OS X according to Microsoft security
update August 2019

Vulnerability Insight:
Multiple flaws exist due to:

- Multiple errors in Microsoft Word software when it fails to properly handle
objects in memory.

- Multiple errors when the Microsoft Windows Graphics Component improperly
handles objects in memory.

- Multiple errors when the Windows font library improperly handles specially
crafted embedded fonts.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code in the context of the current user and gain access to
potentially sensitive data.

Affected Software/OS:
Microsoft Office 2019 on Mac OS X.

Solution:
Upgrade to latest version provided by vendor.
Please see the references for more information.

CVSS Score:
9.3

CVSS Vector:
AV:N/AC:M/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-1201
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1201
Common Vulnerability Exposure (CVE) ID: CVE-2019-1205
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1205
Common Vulnerability Exposure (CVE) ID: CVE-2019-1148
http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148
Common Vulnerability Exposure (CVE) ID: CVE-2019-1149
http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149
Common Vulnerability Exposure (CVE) ID: CVE-2019-1151
http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151
Common Vulnerability Exposure (CVE) ID: CVE-2019-1153
http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153

Copyright Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.815197
Categoría:	Mac OS X Local Security Checks
Título:	Microsoft Office Multiple Vulnerabilities (Aug 2019) - Mac OS X
Resumen:	This host is missing a critical security; update for Microsoft Office 2019 on Mac OS X according to Microsoft security; update August 2019
Descripción:	Summary: This host is missing a critical security update for Microsoft Office 2019 on Mac OS X according to Microsoft security update August 2019 Vulnerability Insight: Multiple flaws exist due to: - Multiple errors in Microsoft Word software when it fails to properly handle objects in memory. - Multiple errors when the Microsoft Windows Graphics Component improperly handles objects in memory. - Multiple errors when the Windows font library improperly handles specially crafted embedded fonts. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code in the context of the current user and gain access to potentially sensitive data. Affected Software/OS: Microsoft Office 2019 on Mac OS X. Solution: Upgrade to latest version provided by vendor. Please see the references for more information. CVSS Score: 9.3 CVSS Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1201 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1201 Common Vulnerability Exposure (CVE) ID: CVE-2019-1205 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1205 Common Vulnerability Exposure (CVE) ID: CVE-2019-1148 http://packetstormsecurity.com/files/154084/Microsoft-Font-Subsetting-DLL-GetGlyphId-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1148 Common Vulnerability Exposure (CVE) ID: CVE-2019-1149 http://packetstormsecurity.com/files/154086/Microsoft-Font-Subsetting-DLL-FixSbitSubTables-Heap-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1149 Common Vulnerability Exposure (CVE) ID: CVE-2019-1151 http://packetstormsecurity.com/files/154092/Microsoft-Font-Subsetting-DLL-ReadAllocFormat12CharGlyphMapList-Heap-Corruption.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1151 Common Vulnerability Exposure (CVE) ID: CVE-2019-1153 http://packetstormsecurity.com/files/154098/Microsoft-Font-Subsetting-DLL-FixSbitSubTableFormat1-Out-Of-Bounds-Read.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1153
Copyright	Copyright (C) 2019 Greenbone AG