Lucene search
Jaanus Kp, Clarified SecurityZDI-19-054HistoryJan 17, 2019 - 12:00 a.m.
Microsoft Office Word wwlib Use-After-Free Remote Code Execution Vulnerability
2019-01-1700:00:00
Jaanus Kp, Clarified Security
www.zerodayinitiative.com
22
0.18 Low
EPSS
Percentile
96.2%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of DOC files in wwlib. A crafted file can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process.
Related
openvas
openvas
Microsoft Office Word Viewer Remote Code Execution Vulnerability (KB4461635)
2019-01-09 00:00:00
Microsoft Office Word Viewer Remote Code Execution Vulnerability (KB4462112)
2019-01-09 00:00:00
Microsoft Word 2016 Multiple Vulnerabilities (KB4461543)
2019-01-09 00:00:00
mscve
mscve
Microsoft Word Remote Code Execution Vulnerability
2019-01-08 08:00:00
symantec
symantec
Microsoft Word CVE-2019-0585 Remote Code Execution Vulnerability
2019-01-08 00:00:00
mskb
mskb
cve
cve
CVE-2019-0585
2019-01-08 21:29:02
nvd
nvd
CVE-2019-0585
2019-01-08 21:29:02
prion
prion
Remote code execution
2019-01-08 21:29:00
cvelist
cvelist
CVE-2019-0585
2019-01-08 21:00:00
nessus
nessus
Security Updates for Microsoft Word Products C2R (January 2019)
2022-06-10 00:00:00
Security Updates for Microsoft Word Products (January 2019)
2019-01-08 00:00:00
Security Update for Microsoft Office (Jan 2019) (macOS)
2019-02-01 00:00:00
myhack58
myhack58
kaspersky
kaspersky
KLA11396 Multiple vulnerabilities in Microsoft Office
2019-01-08 00:00:00
talosblog
talosblog