Описание
Microsoft Office Word Tampering Vulnerability
FAQ
If the preview pane is an attack vector, why is the severity for this vulnerability Important and not Critical?
Even though the preview pane is an attack vector, the attacker cannot achieve remote code execution if they successfully exploit the vulnerability, but can only gain information from the victim.
Are the updates for the Microsoft Office for Mac currently available?
The security update for Microsoft Office 2019 for Mac and Microsoft Office LTSC for Mac 2021 are not immediately available. The updates will be released as soon as possible, and when they are available, customers will be notified via a revision to this CVE information.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Word 2013 Service Pack 1 (32-bit editions) | ||
| Microsoft Word 2013 Service Pack 1 (64-bit editions) | ||
| Microsoft Word 2013 RT Service Pack 1 | - | |
| Microsoft Word 2016 (32-bit edition) | ||
| Microsoft Word 2016 (64-bit edition) | ||
| Microsoft Office 2019 for 32-bit editions | - | |
| Microsoft Office 2019 for 64-bit editions | - | |
| Microsoft Office 2019 for Mac | ||
| Microsoft 365 Apps for Enterprise for 32-bit Systems | - | |
| Microsoft 365 Apps for Enterprise for 64-bit Systems | - |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
5.5 Medium
CVSS3
Связанные уязвимости
Уязвимость пакетов программ Microsoft Office, Microsoft Word и Microsoft 365 Apps for Enterprise, связанная с недостаточной проверкой вводимых данных, позволяющая нарушителю раскрыть защищаемую информацию и обойти существующие ограничения безопасности
EPSS
5.5 Medium
CVSS3