This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Microsoft First view 2019-05-16
Product Office 365 Last view 2019-11-12
Version - Type Application
Update *  
Edition *  
Language *  
Sofware Edition proplus  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:microsoft:office_365

Activity : Overall

Related : CVE

  Date Alert Description
5.5 2019-11-12 CVE-2019-1446

An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.

5.5 2019-11-12 CVE-2019-1402

An information disclosure vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka 'Microsoft Office Information Disclosure Vulnerability'.

9.1 2019-07-15 CVE-2019-1109

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka 'Microsoft Office Spoofing Vulnerability'.

7.8 2019-05-16 CVE-2019-0945

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0946, CVE-2019-0947.

CWE : Common Weakness Enumeration

%idName
50% (2) CWE-200 Information Exposure
25% (1) CWE-20 Improper Input Validation
25% (1) CWE-19 Data Handling