{"containers": {"cna": {"affected": [{"product": "Microsoft SharePoint Enterprise Server", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2016"}, {"status": "affected", "version": "2013 Service Pack 1"}]}, {"product": "Microsoft SharePoint Server", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2019"}, {"status": "affected", "version": "2010 Service Pack 2"}]}, {"product": "Microsoft Office", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2019 for 32-bit editions"}, {"status": "affected", "version": "2019 for 64-bit editions"}, {"status": "affected", "version": "2019 for Mac"}, {"status": "affected", "version": "2016 for Mac"}, {"status": "affected", "version": "2010 Service Pack 2 (32-bit editions)"}, {"status": "affected", "version": "2010 Service Pack 2 (64-bit editions)"}]}, {"product": "Microsoft Office Online Server", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Microsoft 365 Apps for Enterprise for 32-bit Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Microsoft 365 Apps for Enterprise for 64-bit Systems", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "unspecified"}]}, {"product": "Microsoft Word", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2016 (32-bit edition)"}, {"status": "affected", "version": "2016 (64-bit edition)"}, {"status": "affected", "version": "2010 Service Pack 2 (32-bit editions)"}, {"status": "affected", "version": "2010 Service Pack 2 (64-bit editions)"}, {"status": "affected", "version": "2013 RT Service Pack 1"}, {"status": "affected", "version": "2013 Service Pack 1 (32-bit editions)"}, {"status": "affected", "version": "2013 Service Pack 1 (64-bit editions)"}]}, {"product": "Microsoft Office Web Apps", "vendor": "Microsoft", "versions": [{"status": "affected", "version": "2010 Service Pack 2"}, {"status": "affected", "version": "2013 Service Pack 1"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448."}], "problemTypes": [{"descriptions": [{"description": "Remote Code Execution", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2020-07-14T22:54:46", "orgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "shortName": "microsoft"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secure@microsoft.com", "ID": "CVE-2020-1446", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "Microsoft SharePoint Enterprise Server", "version": {"version_data": [{"version_value": "2016"}, {"version_value": "2013 Service Pack 1"}]}}, {"product_name": "Microsoft SharePoint Server", "version": {"version_data": [{"version_value": "2019"}, {"version_value": "2010 Service Pack 2"}]}}, {"product_name": "Microsoft Office", "version": {"version_data": [{"version_value": "2019 for 32-bit editions"}, {"version_value": "2019 for 64-bit editions"}, {"version_value": "2019 for Mac"}, {"version_value": "2016 for Mac"}, {"version_value": "2010 Service Pack 2 (32-bit editions)"}, {"version_value": "2010 Service Pack 2 (64-bit editions)"}]}}, {"product_name": "Microsoft Office Online Server", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Microsoft 365 Apps for Enterprise for 32-bit Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Microsoft 365 Apps for Enterprise for 64-bit Systems", "version": {"version_data": [{"version_value": ""}]}}, {"product_name": "Microsoft Word", "version": {"version_data": [{"version_value": "2016 (32-bit edition)"}, {"version_value": "2016 (64-bit edition)"}, {"version_value": "2010 Service Pack 2 (32-bit editions)"}, {"version_value": "2010 Service Pack 2 (64-bit editions)"}, {"version_value": "2013 RT Service Pack 1"}, {"version_value": "2013 Service Pack 1 (32-bit editions)"}, {"version_value": "2013 Service Pack 1 (64-bit editions)"}]}}, {"product_name": "Microsoft Office Web Apps", "version": {"version_data": [{"version_value": "2010 Service Pack 2"}, {"version_value": "2013 Service Pack 1"}]}}]}, "vendor_name": "Microsoft"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "Remote Code Execution"}]}]}, "references": {"reference_data": [{"name": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446", "refsource": "MISC", "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T06:39:09.679Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446"}]}]}, "cveMetadata": {"assignerOrgId": "f38d906d-7342-40ea-92c1-6c4a2c6478c8", "assignerShortName": "microsoft", "cveId": "CVE-2020-1446", "datePublished": "2020-07-14T22:54:46", "dateReserved": "2019-11-04T00:00:00", "dateUpdated": "2024-08-04T06:39:09.679Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:microsoft:365_apps:-:*:*:*:enterprise:*:*:*", "matchCriteriaId": "40C15EDD-98D4-4D06-BA06-21AE0F33C72D", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "081DE1E3-4622-4C32-8B9C-9AEC1CD20638", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2016:*:*:*:*:mac_os:*:*", "matchCriteriaId": "A1A868C4-0A58-4660-9492-1BADD99D8E59", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*", "matchCriteriaId": "FF177984-A906-43FA-BF60-298133FBBD6B", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office:2019:*:*:*:*:mac_os:*:*", "matchCriteriaId": "7996347F-FA43-4665-93AF-8FAA8E720D4A", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_online_server:1.0:*:*:*:*:*:*:*", "matchCriteriaId": "ECB0E226-2343-4C3A-87E4-B3E70138AFE2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "A8235774-4B57-4793-BE26-2CDE67532EDD", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "B3C3FC9A-D8E5-493A-A575-C831A9A28815", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "A5D3A185-BE57-403E-914E-FDECEC3A477C", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:*", "matchCriteriaId": "9C082CC4-6128-475D-BC19-B239E348FDB2", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "9A57C675-05A9-4BC2-AE95-7CA5CA6B1F73", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:sharepoint_server:2019:*:*:*:*:*:*:*", "matchCriteriaId": "6122D014-5BF1-4AF4-8B4D-80205ED7785E", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2010:sp2:*:*:*:*:*:*", "matchCriteriaId": "24EEDAD9-9656-4B21-82E4-D60B83777492", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "32E1400A-836A-4E48-B2CD-2B0A9A8241BA", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word:2016:*:*:*:*:*:*:*", "matchCriteriaId": "4DA042D4-B14E-4DDF-8423-DFB255679EFE", "vulnerable": true}, {"criteria": "cpe:2.3:a:microsoft:word_rt:2013:sp1:*:*:*:*:*:*", "matchCriteriaId": "558B8B5E-125A-4370-A6E9-3CB75808D7B3", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448."}, {"lang": "es", "value": "Se presenta una vulnerabilidad de ejecuci\u00f3n de c\u00f3digo remota en el software de Microsoft Word cuando no puede manejar apropiadamente objetos en memoria, tambi\u00e9n se conoce como \"Microsoft Word Remote Code Execution Vulnerability\". Este ID de CVE es diferente de CVE-2020-1447, CVE-2020-1448"}], "id": "CVE-2020-1446", "lastModified": "2024-11-21T05:10:34.017", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 6.8, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.6, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": true}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-07-14T23:15:19.823", "references": [{"source": "secure@microsoft.com", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Vendor Advisory"], "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-1446"}], "sourceIdentifier": "secure@microsoft.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{}

{}