Microsoft Office Excel – Security Feature Bypass

 

Description: To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software.

Threat: A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document.

Criticality: High

Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1457

 

Adobe Illustrator – Arbitrary Code Execution Vulnerability

 

Description: Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability.

Threat: An attacker who exploited the vulnerability could execute arbitrary code.

Criticality: High

Update/Patch: https://helpx.adobe.com/security/products/illustrator/apsb19-36.html

 

WhatsApp – Remote Code Execution Vulnerability

 

Description: A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user.

Threat:  Successful exploitation of this vulnerability could lead to Denial of Service Attacks (DoS) or Remote Code Execution (RCE).

Criticality: Medium

Update/Patch: https://www.facebook.com/security/advisories/cve-2019-11931

 

0 Comments

Submit a Comment

Subscribe To Our Newsletter

Subscribe To Our Newsletter

Register your email to receive the latest news and updates from getNEXT.

You have Successfully Subscribed!

Share This