Vulnerability in Microsoft Office
CVE-2020-0892
A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851…
EPSS: 0.402 (97.4th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2019 for 32-bit editions, 2019 for 64-bit editions, 2019 for Mac
- Microsoft Office Online Server — versions unspecified
- Microsoft Office Web Apps — versions 2010 Service Pack 2
- Microsoft Sharepoint Enterprise Server — versions 2016, 2013 Service Pack 1
- Microsoft Sharepoint Foundation — versions 2013 Service Pack 1
- Microsoft Sharepoint Server — versions 2019, 2010 Service Pack 2
- Microsoft Word — versions 2016 (32-bit edition), 2016 (64-bit edition), 2010 Service Pack 2 (32-bit editions)
- Microsoft Office 365 Proplus — versions 32-bit Systems, 64-bit Systems
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0892 (x_refsource_MISC)