Microsoft: >> Office 365 Proplus Security Vulnerabilities
An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka "Microsoft Office Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office.
CVSS Score
5.5
EPSS Score
0.269
Published
2019-01-08
An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.
CVSS Score
5.5
EPSS Score
0.133
Published
2019-01-08
CVE-2019-0541
A remote code execution vulnerability exists in the way that the MSHTML engine inproperly validates input, aka "MSHTML Engine Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Office Word Viewer, Internet Explorer 9, Internet Explorer 11, Microsoft Excel Viewer, Internet Explorer 10, Office 365 ProPlus.
Known exploited
CVSS Score
8.8
EPSS Score
0.841
Published
2019-01-08
An information disclosure vulnerability exists when Microsoft Excel software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft Excel, Microsoft Excel Viewer, Excel. This CVE ID is unique from CVE-2018-8598.
CVSS Score
5.5
EPSS Score
0.199
Published
2018-12-12
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
CVSS Score
7.8
EPSS Score
0.356
Published
2018-12-12
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8597.
CVSS Score
7.8
EPSS Score
0.312
Published
2018-12-12
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook.
CVSS Score
7.8
EPSS Score
0.466
Published
2018-12-12
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka "Microsoft Excel Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8627.
CVSS Score
4.7
EPSS Score
0.052
Published
2018-12-12
An information disclosure vulnerability exists when Microsoft Outlook fails to respect "Default link type" settings configured via the SharePoint Online Admin Center, aka "Microsoft Outlook Information Disclosure Vulnerability." This affects Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8579.
CVSS Score
6.5
EPSS Score
0.082
Published
2018-11-14
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office. This CVE ID is unique from CVE-2018-8539.
CVSS Score
7.8
EPSS Score
0.163
Published
2018-11-14