vulnerability

Microsoft CVE-2019-1109: Microsoft Office Spoofing Vulnerability

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
6	(AV:N/AC:L/Au:N/C:P/I:P/A:N)	Jul 9, 2019	Jul 9, 2019	Jul 22, 2019

Severity

CVSS

(AV:N/AC:L/Au:N/C:P/I:P/A:N)

Published

Jul 9, 2019

Added

Jul 9, 2019

Modified

Jul 22, 2019

Description

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.
An attacker who successfully exploited this vulnerability could read or write information in Office documents.
The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages.

Solutions

msft-kb4018375-0cadba9d-795d-4c68-a941-33bd0f4167f4msft-kb4018375-158c74f0-a837-4cb5-8e7e-f8f24ce280c2

References

CVE-2019-1109
https://attackerkb.com/topics/CVE-2019-1109
MSKB-4018375
MSKB-4464534

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today