vulnerability
Microsoft CVE-2019-0748: Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 9 | (AV:N/AC:M/Au:N/C:C/I:C/A:C) | Mar 12, 2019 | Mar 12, 2019 | Apr 11, 2019 |
Severity
9
CVSS
(AV:N/AC:M/Au:N/C:C/I:C/A:C)
Published
Mar 12, 2019
Added
Mar 12, 2019
Modified
Apr 11, 2019
Description
A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory. An attacker who successfully exploited this vulnerability could execute arbitrary code on a victim system.
An attacker could exploit this vulnerability by enticing a victim to open a specially crafted file.
The update addresses the vulnerability by correcting the way the Microsoft Office Access Connectivity Engine handles objects in memory.
Solutions
msft-kb4462226-3211acf5-1a44-4107-aa5b-5afca22942c0msft-kb4462226-d3490fa9-9a76-4e4d-b8e7-0688c2eb277b
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.