Windows : Microsoft Bulletins : Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.815660

Categoría: Windows : Microsoft Bulletins

Título: Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)

Resumen: This host is missing an important security; update according to Microsoft Office Click-to-Run updates.

Descripción: Summary:
This host is missing an important security
update according to Microsoft Office Click-to-Run updates.

Vulnerability Insight:
Multiple flaws exist due to:

- An error in Microsoft Excel because it fails to properly handle objects in memory.

- An error when Microsoft Excel improperly discloses the contents of its memory.

- An error in the way that Office Click-to-Run (C2R) components handle a specially
crafted file.

- An error in Microsoft Office because it fails to properly handle objects in memory.

Vulnerability Impact:
Successful exploitation will allow an attacker
to run arbitrary code on affected system, gain access to sensitive information
and escalate privileges.

Affected Software/OS:
Microsoft Office 365 (2016 Click-to-Run).

Solution:
The vendor has released updates. Please see
the references for more information.

CVSS Score:
10.0

CVSS Vector:
AV:N/AC:L/Au:N/C:C/I:C/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2019-1448
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1448
https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0886
Common Vulnerability Exposure (CVE) ID: CVE-2019-1446
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446
Common Vulnerability Exposure (CVE) ID: CVE-2019-1449
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1449
Common Vulnerability Exposure (CVE) ID: CVE-2019-1402
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1402

Copyright Copyright (C) 2019 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.815660
Categoría:	Windows : Microsoft Bulletins
Título:	Microsoft Office 365 (2016 Click-to-Run) Multiple Vulnerabilities (Nov 2019)
Resumen:	This host is missing an important security; update according to Microsoft Office Click-to-Run updates.
Descripción:	Summary: This host is missing an important security update according to Microsoft Office Click-to-Run updates. Vulnerability Insight: Multiple flaws exist due to: - An error in Microsoft Excel because it fails to properly handle objects in memory. - An error when Microsoft Excel improperly discloses the contents of its memory. - An error in the way that Office Click-to-Run (C2R) components handle a specially crafted file. - An error in Microsoft Office because it fails to properly handle objects in memory. Vulnerability Impact: Successful exploitation will allow an attacker to run arbitrary code on affected system, gain access to sensitive information and escalate privileges. Affected Software/OS: Microsoft Office 365 (2016 Click-to-Run). Solution: The vendor has released updates. Please see the references for more information. CVSS Score: 10.0 CVSS Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2019-1448 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1448 https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0886 Common Vulnerability Exposure (CVE) ID: CVE-2019-1446 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446 Common Vulnerability Exposure (CVE) ID: CVE-2019-1449 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1449 Common Vulnerability Exposure (CVE) ID: CVE-2019-1402 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1402
Copyright	Copyright (C) 2019 Greenbone AG