CVE-2019-0585

Summary

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWordAutomation Services on Microsoft SharePoint Server 2010 Service Pack 2affected
MicrosoftMicrosoft Office2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Office2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Office2016 for Macaffected
MicrosoftMicrosoft Office2019 for 32-bit editionsaffected
MicrosoftMicrosoft Office2019 for 64-bit editionsaffected
MicrosoftMicrosoft Office2019 for Macaffected
MicrosoftMicrosoft OfficeWeb Apps Server 2010 Service Pack 2affected
MicrosoftMicrosoft Office Word ViewerMicrosoft Office Word Vieweraffected
MicrosoftMicrosoft SharePointEnterprise Server 2013 Service Pack 1affected
MicrosoftMicrosoft SharePointEnterprise Server 2016affected
MicrosoftOffice365 ProPlus for 32-bit Systemsaffected
MicrosoftOffice365 ProPlus for 64-bit Systemsaffected
MicrosoftMicrosoft Office Online ServerMicrosoft Office Online Serveraffected
MicrosoftMicrosoft Word2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Word2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Word2013 RT Service Pack 1affected
MicrosoftMicrosoft Word2013 Service Pack 1 (32-bit editions)affected
MicrosoftMicrosoft Word2013 Service Pack 1 (64-bit editions)affected
MicrosoftMicrosoft Word2016 (32-bit edition)affected
MicrosoftMicrosoft Word2016 (64-bit edition)affected
MicrosoftMicrosoft SharePoint Server2019affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References