CVE-2019-1200 - OpenCVE

Vendors	Products
Microsoft	Office Office 365 Proplus Outlook

Link	Providers
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1200

{"containers": {"cna": {"title": "Microsoft Outlook Remote Code Execution Vulnerability", "datePublic": "2019-08-13T07:00:00+00:00", "affected": [{"vendor": "Microsoft", "product": "Microsoft Office 2019", "cpes": ["cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*"], "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "19.0.0", "lessThan": "https://aka.ms/OfficeSecurityReleases", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Office 365 ProPlus", "cpes": ["cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*"], "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "16.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Outlook 2016", "cpes": ["cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:x64:*:*"], "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "16.0.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Outlook 2013 Service Pack 1", "cpes": ["cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:x86:*:*", "cpe:2.3:a:microsoft:outlook:2013:*:*:*:*:*:x64:*", "cpe:2.3:a:microsoft:outlook:2013:*:*:*:rt:*:*:*"], "platforms": ["32-bit Systems", "x64-based Systems", "ARM64-based Systems"], "versions": [{"version": "15.0.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}, {"vendor": "Microsoft", "product": "Microsoft Outlook 2010 Service Pack 2", "cpes": ["cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*"], "platforms": ["32-bit Systems", "x64-based Systems"], "versions": [{"version": "13.0.0.0", "lessThan": "publication", "versionType": "custom", "status": "affected"}]}], "descriptions": [{"value": "A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.\nTo exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.\nNote that the Preview Pane is not an attack vector for this vulnerability.\nThe security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.\n", "lang": "en-US"}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution", "lang": "en-US", "type": "Impact"}]}], "providerMetadata": {"orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft", "dateUpdated": "2024-05-29T16:51:02.119Z"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1200"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T18:13:29.132Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1200"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2019-1200", "datePublished": "2019-08-14T20:55:05", "dateReserved": "2018-11-26T00:00:00", "dateUpdated": "2024-08-04T18:13:29.132Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*", "matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*", "matchCriteriaId": "CA035812-F35A-43F1-9A8D-EE02201AA10A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:outlook:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "F9A115C1-45EB-4688-AD7C-C1854850EE9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "D7B6DF1E-0DDA-4809-B216-7CEFE0A53E2B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:outlook:2013:sp1:*:*:rt:*:*:*", "matchCriteriaId": "DDA98A76-D0D1-4BFA-BEAC-1C2313F7B859", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:outlook:2016:*:*:*:*:*:*:*", "matchCriteriaId": "E2B1657C-0FF4-461A-BE2A-641275C4B0A0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.\nTo exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario, an attacker could host a website (or leverage a compromised website that accepts or hosts user-provided content) that contains a specially crafted file that is designed to exploit the vulnerability. However, an attacker would have no way to force the user to visit the website. Instead, an attacker would have to convince the user to click a link, typically by way of an enticement in an email or Instant Messenger message, and then convince the user to open the specially crafted file.\nNote that the Preview Pane is not an attack vector for this vulnerability.\nThe security update addresses the vulnerability by correcting how Microsoft Outlook handles files in memory.\n"}, {"lang": "es", "value": "Existe una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el programa Microsoft Outlook cuando no puede manejar apropiadamente los objetos en la memoria, tambi\u00e9n se conoce como \"Microsoft Outlook Remote Code Execution Vulnerability\"."}], "id": "CVE-2019-1200", "lastModified": "2024-05-29T17:16:12.843", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 9.3, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:N/AC:M/Au:N/C:C/I:C/A:C", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 10.0, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV30": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.0"}, "exploitabilityScore": 1.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2019-08-14T21:15:17.907", "references": [{"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1200"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

Metrics

Attack Vector Local

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction Required

Access Vector Network

Access Complexity Medium

Authentication None

Confidentiality Impact Complete

Integrity Impact Complete

Availability Impact Complete

Affected Vendors & Products

JSON object

JSON object

JSON object

JSON object