CVE-2019-0561

An information disclosure vulnerability exists when Microsoft Word macro buttons are used improperly, aka "Microsoft Word Information Disclosure Vulnerability." This affects Microsoft Word, Office 365 ProPlus, Microsoft Office, Word.

Published: Jan 8, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-0561
Severity: Medium
Exploit:

CVSS v3:

Severity: Medium
Score: 5.5
AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N

CVSS v2:

Severity: Low
Score: 4.3
AV:N/AC:M/Au:N/C:P/I:N/A:N

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / word	2013-sp1	2013-sp1.x
microsoft / word	2016	2016.x
microsoft / sharepoint_server	2010-sp2	2010-sp2.x
microsoft / office	2010-sp2	2010-sp2.x
microsoft / office_web_apps_server	2010-sp2	2010-sp2.x
microsoft / word	2010-sp2	2010-sp2.x
microsoft / office	2016	2016.x
microsoft / office	2019	2019.x

http://www.securityfocus.com/bid/106399
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0561

Vulnerability Database

289,599

CVE-2019-0561