Unrated severityNVD Advisory· Published Jul 29, 2019· Updated Aug 4, 2024

CVE-2019-1109

Description

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka 'Microsoft Office Spoofing Vulnerability'.

Affected products

Microsoft/Office Visiocpe-rescue
Range: 2013 Service Pack 1 (32-bit editions)
Microsoft/Office 365 ProPlusv5
Range: 32-bit Systems

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1109mitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.006
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000