Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-0801

Опубликовано: 09 апр. 2019
Источник: nvd
CVSS3: 7.8
CVSS2: 6.8
EPSS Средний

Описание

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addresses the vulnerability by correcting how Office handles these files., aka 'Office Remote Code Execution Vulnerability'.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_365_proplus:*:*:*:*:*:*:*:*

EPSS

Процентиль: 96%
0.23515
Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-19

Связанные уязвимости

msrc логотип

CVE-2019-0801

msrc
больше 6 лет назад

Office Remote Code Execution Vulnerability

github логотип

GHSA-9f2h-rch5-q9wg

CVSS3: 7.8
github
больше 3 лет назад

A remote code execution vulnerability exists when Microsoft Office fails to properly handle certain files.To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted URL file that points to an Excel or PowerPoint file that was also downloaded.The update addresses the vulnerability by correcting how Office handles these files., aka 'Office Remote Code Execution Vulnerability'.

fstec логотип

BDU:2019-01496

CVSS3: 7.8
fstec
больше 6 лет назад

Уязвимость пакета програм Mirosoft Office, связанная с ошибками обработки данных, позволяющая нарушителю выполнять произвольный код

EPSS

Процентиль: 96%
0.23515
Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

CWE-19