Описание
Microsoft Office Information Disclosure Vulnerability
FAQ
What type of information could be disclosed by this vulnerability?
The type of information that could be disclosed if an attacker successfully exploited this vulnerability is user tokens and other potentially sensitive information.
According to the CVSS metric, the attack vector is local (AV:L). What does this mean for this vulnerability?
The attacker would have to be an authenticated user logged on to the vulnerable system to be able to exploit this vulnerability.
According to the CVSS metric, privileges required is low (PR:L). What does that mean for this vulnerability?
The attacker must be authenticated to be able to exploit this vulnerability.
Is the Preview Pane an attack vector for this vulnerability?
No, the Preview Pane is not an attack vector.
Обновления
| Продукт | Статья | Обновление |
|---|---|---|
| Microsoft Office 2019 for Mac | ||
| Microsoft Office LTSC for Mac 2021 |
Показывать по
Возможность эксплуатации
Publicly Disclosed
Exploited
Latest Software Release
Older Software Release
DOS
EPSS
3.3 Low
CVSS3
Связанные уязвимости
Microsoft Office Information Disclosure Vulnerability.
Уязвимость пакета программ Microsoft Office for Mac, связанная с недостаточной защитой служебных данных, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации
EPSS
3.3 Low
CVSS3