ByteOS

CVSS Score-8.8||HIGH

EPSS-43.26% / 97.41%

||

7 Day CHG~0.00%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:39

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1448.

Product-office_online_server office_web_apps office word_rt word sharepoint_server sharepoint_enterprise_server 365_apps Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server Microsoft 365 Apps for Enterprise for 64-bit Systems

CVE-2020-1448

CVSS Score-8.8||HIGH

EPSS-33.09% / 96.75%

||

7 Day CHG~0.00%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:39

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1446, CVE-2020-1447.

Product-office_online_server office_web_apps office word_rt word sharepoint_server sharepoint_enterprise_server Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server

CVE-2020-1445

CVSS Score-5.5||MEDIUM

EPSS-24.87% / 95.94%

||

7 Day CHG-3.43%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:39

An information disclosure vulnerability exists when Microsoft Office improperly discloses the contents of its memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1342.

Product-office_web_apps office_online_server office word sharepoint_enterprise_server 365_apps Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server Microsoft 365 Apps for Enterprise for 64-bit Systems

CVE-2020-1446

CVSS Score-8.8||HIGH

EPSS-37.28% / 97.05%

||

7 Day CHG~0.00%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:39

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-1447, CVE-2020-1448.

Product-office_online_server office_web_apps office word_rt word sharepoint_server sharepoint_enterprise_server 365_apps Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server Microsoft 365 Apps for Enterprise for 64-bit Systems

CVE-2020-1442

CVSS Score-6.1||MEDIUM

EPSS-0.61% / 68.69%

||

7 Day CHG~0.00%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:39

A spoofing vulnerability exists when an Office Web Apps server does not properly sanitize a specially crafted request, aka 'Office Web Apps XSS Vulnerability'.

Product-office_online_server office_web_apps Microsoft Office Web Apps Microsoft Office Online Server

CWE ID-CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CVE-2020-1342

CVSS Score-5.5||MEDIUM

EPSS-25.24% / 95.98%

||

7 Day CHG~0.00%

Published-14 Jul, 2020 | 22:54

Updated-04 Aug, 2024 | 06:32

An information disclosure vulnerability exists when Microsoft Office software reads out of bound memory due to an uninitialized variable, which could disclose the contents of memory, aka 'Microsoft Office Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2020-1445.

Product-office_web_apps office_online_server office word sharepoint_server sharepoint_enterprise_server 365_apps Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft 365 Apps for Enterprise for 32-bit Systems Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server Microsoft 365 Apps for Enterprise for 64-bit Systems

CWE ID-CWE-125

Out-of-bounds Read

CWE ID-CWE-908

Use of Uninitialized Resource

CVE-2020-0980

CVSS Score-7.8||HIGH

EPSS-33.65% / 96.80%

||

7 Day CHG~0.00%

Published-15 Apr, 2020 | 15:13

Updated-04 Aug, 2024 | 06:18

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'.

Product-office_web_apps office_online_server office_365_proplus office word sharepoint_server sharepoint_enterprise_server Microsoft Office Microsoft Office Online Server Microsoft Word Microsoft SharePoint Enterprise Server Microsoft Office Web Apps Microsoft SharePoint Server Office 365 ProPlus

CVE-2020-0892

CVSS Score-7.8||HIGH

EPSS-33.65% / 96.80%

||

7 Day CHG~0.00%

Published-12 Mar, 2020 | 15:48

Updated-04 Aug, 2024 | 06:18

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0852, CVE-2020-0855.