Microsoft Office Excel – Security Feature Bypass
Description: To exploit the vulnerability, an attacker would have to convince a user to open a specially crafted file with an affected version of Microsoft Office software.
Threat: A security feature bypass vulnerability exists in Microsoft Office software by not enforcing macro settings on an Excel document.
Criticality: High
Update/Patch: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1457
Adobe Illustrator – Arbitrary Code Execution Vulnerability
Description: Adobe Illustrator CC versions 23.1 and earlier have a memory corruption vulnerability.
Threat: An attacker who exploited the vulnerability could execute arbitrary code.
Criticality: High
Update/Patch: https://helpx.adobe.com/security/products/illustrator/apsb19-36.html
WhatsApp – Remote Code Execution Vulnerability
Description: A stack-based buffer overflow could be triggered in WhatsApp by sending a specially crafted MP4 file to a WhatsApp user.
Threat: Successful exploitation of this vulnerability could lead to Denial of Service Attacks (DoS) or Remote Code Execution (RCE).
Criticality: Medium
Update/Patch: https://www.facebook.com/security/advisories/cve-2019-11931
0 Comments