Description

A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.

Remediation

References

CVE-2019-1442

Related Vulnerabilities

Dot CMS Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-19138)

WordPress Plugin Popup Builder-Create highly converting, mobile friendly marketing popups SQL Injection (2.6.7.6)

IBM RTC Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1251)

WordPress Plugin Bricks Remote Code Execution (1.9.6)

WordPress Plugin 5gig Concerts Unspecified Vulnerability (1.0)

Severity

Medium

Classification

CVE-2019-1442 CWE-346 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:H/A:N

Tags

Missing Update Known Vulnerabilities