CVE List

CVE-2019-1109

Critical 9.1

A spoofing vulnerability exists when Microsoft Office Javascript does not check the validity of the web page making a request to Office documents.An attacker who successfully exploited this vulnerability could read or write information in Office documents.The security update addresses the vulnerability by correcting the way that Microsoft Office Javascript verifies trusted web pages., aka 'Microsoft Office Spoofing Vulnerability'.

Published July 15, 2019.

Affected software

Microsoft Office

Microsoft Office 365

Reference links

Sign Up for Alerts