What is CVE-2019-1205?

CVE-2019-1205 is a vulnerability in Microsoft Office 2016 For Mac. Published 2019-08-14.

Is CVE-2019-1205 known to be exploited?

3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Office 2016 For Mac

CVE-2019-1205

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in t…

EPSS: 0.095 (93.0th percentile) — read the EPSS interpretation.

Affected products

Microsoft Office 2016 For Mac — versions 16.0.0
Microsoft Office 2019 — versions 19.0.0
Microsoft Office 2019 For Mac — versions 16.0.0
Microsoft Office Online Server — versions 16.0.1
Microsoft Sharepoint Server 2019 — versions 16.0.0
Microsoft Office 365 Proplus — versions 16.0.0

Public proof-of-concept exploits

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1205 (x_refsource_MISC)

Frequently asked questions

What is CVE-2019-1205?: CVE-2019-1205 is a vulnerability in Microsoft Office 2016 For Mac. Published 2019-08-14.
Is CVE-2019-1205 known to be exploited?: 3 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.