Vulnerability in Microsoft Access
CVE-2020-0760
A remote code execution vulnerability exists when Microsoft Office improperly loads arbitrary type libraries, aka 'Microsoft Office Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0991.
EPSS: 0.335 (97.0th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Access — versions 2016 (32-bit edition), 2016 (64-bit edition), 2013 Service Pack 1 (64-bit editions)
- Microsoft Excel — versions 2016 (32-bit edition), 2016 (64-bit edition), 2010 Service Pack 2 (32-bit editions)
- Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions, 2016 (32-bit edition)
- Microsoft Outlook — versions 2016 (32-bit edition), 2016 (64-bit edition), 2013 Service Pack 1 (32-bit editions)
- Microsoft Powerpoint — versions 2016 (32-bit edition), 2016 (64-bit edition), 2010 Service Pack 2 (32-bit editions)
- Microsoft Project — versions 2013 Service Pack 1 (32-bit editions), 2013 Service Pack 1 (64-bit editions), 2016 (32-bit edition)
- Microsoft Publisher — versions 2010 Service Pack 2 (64-bit editions), 2010 Service Pack 2 (32-bit editions)
- Microsoft Publisher 2013 Service Pack 1 (32-bit Editions) — versions unspecified
- Microsoft Publisher 2013 Service Pack 1 (64-bit Editions) — versions unspecified
- Microsoft Publisher 2016 (32-bit Edition) — versions unspecified
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0760 (x_refsource_MISC)