CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0540

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.129

EPSS Ranking 93.7%

CVSS Severity

CVSS v3 Score 5.5

CVSS v2 Score 4.3

References

Products affected by CVE-2019-0540

Microsoft » Excel Viewer » Version: N/A

cpe:2.3:a:microsoft:excel_viewer:-
Microsoft » Office » Version: 2010

cpe:2.3:a:microsoft:office:2010
Microsoft » Office » Version: 2013

cpe:2.3:a:microsoft:office:2013
Microsoft » Office » Version: 2016

cpe:2.3:a:microsoft:office:2016
Microsoft » Office » Version: 2019

cpe:2.3:a:microsoft:office:2019
Microsoft » Office 365 Proplus » Version: N/A

cpe:2.3:a:microsoft:office_365_proplus:-
Microsoft » Powerpoint Viewer » Version: N/A

cpe:2.3:a:microsoft:powerpoint_viewer:-
Microsoft » Word Viewer » Version: N/A

cpe:2.3:a:microsoft:word_viewer:-

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2019-0540

Products

Pricing

Contact Us