CVE-2020-0852

Published: Mar 12, 2020Modified: Nov 21, 2024

7.8

Vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0851, CVE-2020-0855, CVE-2020-0892.

Affected (4)

Products: Microsoft: Office, Office Online Server, Sharepoint Server

3 products

Office Online Server

Sharepoint Server

Configuration A

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2016
Microsoft Office	Version 2019
Microsoft Office Online Server	Version 1.0
Microsoft Sharepoint Server	Version 2019

References (2)

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0852

Source: secure@microsoft.com

PatchVendor Advisory

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0852

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.