Microsoft Office Remote Code Execution Vulnerabilities

Last Update Date: 15 Jan 2016 Release Date: 13 Jan 2016 3034 Views

RISK: High Risk

TYPE: Clients - Productivity Products

Multiple Microsoft Office Memory Corruption Vulnerabilities
Multiple remote code execution vulnerabilities exist in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited these vulnerabilities could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Multiple Microsoft SharePoint Security Feature Bypasses
Multiple security feature bypasses exist in Microsoft SharePoint when Access Control Policy (ACP) configuration settings are not enforced correctly.
Microsoft Office ASLR Bypass
A security feature bypass exists when Microsoft Office fails to use the Address Space Layout Randomization (ASLR) security feature, allowing an attacker to more reliably predict the memory offsets of specific instructions in a given call stack. An attacker who successfully exploited it could bypass the Address Space Layout Randomization (ASLR) security feature, which helps protect users from a broad class of vulnerabilities. The security feature bypass by itself does not allow arbitrary code execution. However, an attacker could use this ASLR bypass in conjunction with another vulnerability, such as a remote code execution vulnerability, to more reliably run arbitrary code on a target system.