CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
microsoftCNA
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_365_proplus
-
microsoftoffice_online_server
-
microsoftoffice_word_viewer
-
microsoftword_automation_services
-
microsoft365_apps
𝑥
< 1812
microsoftoffice
𝑥
< 1812
𝑥
= Vulnerable software versions
Early Detection
Affected products identified ahead of NVD analysis through intelligence sources.
VendorProductVersionSource
microsoftword
2019
CNA
References
http://www.securityfocus.com/bid/106392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585
http://www.securityfocus.com/bid/106392
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585