Office 365 ProPlus
by Microsoft
CVEs (63)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2019-1400 | 0.00 | — | 0.02 | Dec 10, 2019 | An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463. | |||
| CVE-2019-1449 | 0.00 | — | 0.06 | Nov 12, 2019 | A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this… | |||
| CVE-2019-1402 | 0.00 | — | 0.02 | Nov 12, 2019 | An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'. |
- CVE-2019-1400Dec 10, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
- CVE-2019-1449Nov 12, 2019risk 0.00cvss —epss 0.06
A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this…
- CVE-2019-1402Nov 12, 2019risk 0.00cvss —epss 0.02
An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.
Page 4 of 4