Home

CVE-2019-1462

Description

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka Microsoft PowerPoint Remote Code Execution Vulnerability.

Risk Information

Base Score
7.8
MODERATE
Vector
CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
EPSS Score
Exploitation Probability
21.311

Associated Vulnerability

VulnerabilityOS Platform
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2010 (KB4461613) 32-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2010 (KB4461613) 64-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2016 (KB4484166) 32-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2016 (KB4484166) 64-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2013 (KB4461590) 32-Bit EditionWindows
Microsoft PowerPoint Remote Code Execution Vulnerability for Microsoft PowerPoint 2013 (KB4461590) 64-Bit EditionWindows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Semi Annual Channel for x64 1902 of version(11328.20492)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Semi Annual Channel for x86 1902 of version(11328.20492)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Business Edition Semi Annual Channel for x64 1902 of version(11328.20492)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Business Edition Semi Annual Channel for x86 1902 of version(11328.20492)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Semi-Annual Channel Version 1902 (Build 11328.20492)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Semi Annual Targeted Channel for x64 1908 of version(11929.20516)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Semi Annual Targeted Channel for x86 1908 of version(11929.20516)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Targeted Channel Version 1908 (Build 11929.20516)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Monthly Channel for x64 1911 of version(12228.20364)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Professional Plus Monthly Channel for x86 1911 of version(12228.20364)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Business Edition Monthly Channel for x64 1911 of version(12228.20364)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Business Edition Monthly Channel for x86 1911 of version(12228.20364)Windows
Microsoft Access Information Disclosure Vulnerability for Office 365 Monthly Channel Version 1911 (Build 12228.20364)Windows

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-27951Security Update for Microsoft PowerPoint 2010 (KB4461613) 32-Bit Edition
PATCH-27952Security Update for Microsoft PowerPoint 2010 (KB4461613) 64-Bit Edition
PATCH-27971Security Update for Microsoft PowerPoint 2016 (KB4484166) 32-Bit Edition
PATCH-27972Security Update for Microsoft PowerPoint 2016 (KB4484166) 64-Bit Edition
PATCH-27961Security Update for Microsoft PowerPoint 2013 (KB4461590) 32-Bit Edition
PATCH-27962Security Update for Microsoft PowerPoint 2013 (KB4461590) 64-Bit Edition
PATCH-28066Update for Office 365 Professional Plus Semi Annual Channel for x64 1902 of version(11328.20492)
PATCH-28068Update for Office 365 Professional Plus Semi Annual Channel for x86 1902 of version(11328.20492)
PATCH-28070Update for Office 365 Business Edition Semi Annual Channel for x64 1902 of version(11328.20492)
PATCH-28081Update for Office 365 Semi-Annual Channel Version 1902 (Build 11328.20492)
PATCH-28074Update for Office 365 Professional Plus Semi Annual Targeted Channel for x64 1908 of version(11929.20516)
PATCH-28076Update for Office 365 Professional Plus Semi Annual Targeted Channel for x86 1908 of version(11929.20516)
PATCH-28082Update for Office 365 Targeted Channel Version 1908 (Build 11929.20516)
PATCH-28058Update for Office 365 Professional Plus Monthly Channel for x64 1911 of version(12228.20364)
PATCH-28060Update for Office 365 Professional Plus Monthly Channel for x86 1911 of version(12228.20364)
PATCH-28062Update for Office 365 Business Edition Monthly Channel for x64 1911 of version(12228.20364)
PATCH-28064Update for Office 365 Business Edition Monthly Channel for x86 1911 of version(12228.20364)
PATCH-28083Update for Office 365 Monthly Channel Version 1911 (Build 12228.20364)

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234