CVE-2019-0585

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft SharePoint, Microsoft Office Online Server, Microsoft Word, Microsoft SharePoint Server.

Published: Jan 8, 2019
Updated: Apr 13, 2023
CVE: CVE-2019-0585
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 8.8
AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

CVSS v2:

Severity: High
Score: 9.3
AV:N/AC:M/Au:N/C:C/I:C/A:C

No CWE or OWASP classifications available.

Affected Software
References

Software	From	Fixed in
microsoft / word	2013-sp1	2013-sp1.x
microsoft / word	2016	2016.x
microsoft / office	2010-sp2	2010-sp2.x
microsoft / office_web_apps_server	2010-sp2	2010-sp2.x
microsoft / word	2010-sp2	2010-sp2.x
microsoft / office	2016	2016.x
microsoft / office	2019	2019.x
microsoft / sharepoint_server	2019	2019.x
microsoft / sharepoint_server	2013-sp1	2013-sp1.x
microsoft / sharepoint_server	2016	2016.x

Vulnerability Database

289,599

CVE-2019-0585