A security feature bypass vulnerability exists in the way that Office Click-to-Run (C2R) components handle a specially crafted file, which could lead to a standard user, any AppContainer sandbox, and Office LPAC Protected View to escalate privileges to SYSTEM.To exploit this bug, an attacker would have to run a specially crafted file, aka 'Microsoft Office ClickToRun Security Feature Bypass Vulnerability'.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: microsoft

Published: 2019-11-12T18:53:19

Updated: 2024-08-04T18:20:27.673Z

Reserved: 2018-11-26T00:00:00

Link: CVE-2019-1449

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2019-11-12T19:15:16.020

Modified: 2024-11-21T04:36:43.243

Link: CVE-2019-1449

cve-icon Redhat

No data.