Rapid7 Vulnerability & Exploit Database

Microsoft CVE-2019-1461: Microsoft Word Denial of Service Vulnerability

Back to Search

Microsoft CVE-2019-1461: Microsoft Word Denial of Service Vulnerability

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:N/I:N/A:C)
Published
12/10/2019
Created
12/11/2019
Added
12/10/2019
Modified
12/13/2019

Description

A denial of service vulnerability exists in Microsoft Word software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could cause a remote denial of service against a system. Exploitation of the vulnerability requires that a specially crafted document be sent to a vulnerable user. The security update addresses the vulnerability by correcting how Microsoft Word handles objects in memory.

Solution(s)

  • msft-kb4475598-3f7ce915-2479-4e4c-a669-53f5564678d0
  • msft-kb4475598-40572262-d83f-4d09-9f43-c142c953257d
  • msft-kb4475601-4bd31500-ecca-4790-a3a6-349d963214bc
  • msft-kb4475601-86b393fb-9bbe-459b-b2a2-adf5b76e59cc
  • msft-kb4484094-d50dc428-4e00-452b-a4fa-505ae74181b8
  • msft-kb4484094-e39ba7b9-4f3d-4ba9-b4e7-c648707febf1
  • msft-kb4484169-8523e7dc-eb59-4ef0-a938-da1fbb674349
  • msft-kb4484169-e022d907-30dd-4b13-9617-22e79d333095

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;