Vulnerability Description
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office | 2010 |
| Microsoft | Office 365 Proplus | - |
| Microsoft | Office Online Server | - |
| Microsoft | Office Web Apps Server | 2010 |
| Microsoft | Office Word Viewer | - |
| Microsoft | Sharepoint Server | 2013 |
| Microsoft | Word | 2010 |
| Microsoft | Word Automation Services | - |
References
- http://www.securityfocus.com/bid/106392Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585PatchVendor Advisory
- http://www.securityfocus.com/bid/106392Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0585PatchVendor Advisory
FAQ
What is CVE-2019-0585?
CVE-2019-0585 is a vulnerability with a CVSS score of 8.8 (HIGH). A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word,...
How severe is CVE-2019-0585?
CVE-2019-0585 has been rated HIGH with a CVSS base score of 8.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2019-0585?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office, Microsoft Office 365 Proplus, Microsoft Office Online Server, Microsoft Office Web Apps Server, Microsoft Office Word Viewer.