CVE-2019-1446: Infoleak
First published: Tue Nov 12 2019(Updated: )
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
Credit: secure@microsoft.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Microsoft Excel | =2010-sp2 | |
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2013-sp1 | |
| Microsoft Excel | =2016 | |
| Microsoft Excel Macos | =2016 | |
| Microsoft Office | =2010-sp2 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2013-sp1 | |
| Microsoft Office | =2016 | |
| Microsoft Office | =2019 | |
| Microsoft Office | =2019 | |
| Microsoft Office 365 | ||
| Microsoft Office Online Server | ||
| Microsoft SharePoint Enterprise Server | =2013-sp1 | |
| Microsoft Excel Services | ||
| Microsoft SharePoint Server | =2010-sp2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is CVE-2019-1446?
CVE-2019-1446 is an information disclosure vulnerability in Microsoft Excel that allows improper disclosure of its memory contents.
Which software is affected by CVE-2019-1446?
Microsoft Excel versions 2010 SP2, 2013 SP1, 2016, Microsoft Office versions 2010 SP2, 2013 SP1, 2016, 2019, Microsoft Office 365, Microsoft Office Online Server, Microsoft SharePoint Enterprise Server, and Microsoft Excel Services are affected by CVE-2019-1446.
What is the severity of CVE-2019-1446?
The severity of CVE-2019-1446 is medium, with a severity value of 5.5.
How can I fix CVE-2019-1446?
Apply the latest security updates provided by Microsoft to fix CVE-2019-1446.
Where can I find more information about CVE-2019-1446?
You can find more information about CVE-2019-1446 at the Microsoft Security Guidance Advisory website: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1446.
- agent/last-modified-date
- agent/first-publish-date
- agent/type
- collector/nvd-index
- agent/software-canonical-lookup-request
- agent/references
- agent/author
- agent/remedy
- agent/weakness
- agent/severity
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- collector/mitre-cve
- source/MITRE
- vendor/microsoft
- canonical/microsoft excel
- version/microsoft excel/2010-sp2
- version/microsoft excel/2013-sp1
- version/microsoft excel/2016
- canonical/microsoft excel macos
- version/microsoft excel macos/2016
- canonical/microsoft office
- version/microsoft office/2010-sp2
- version/microsoft office/2013-sp1
- version/microsoft office/2016
- version/microsoft office/2019
- canonical/microsoft office 365
- canonical/microsoft office online server
- canonical/microsoft sharepoint enterprise server
- version/microsoft sharepoint enterprise server/2013-sp1
- canonical/microsoft excel services
- canonical/microsoft sharepoint server
- version/microsoft sharepoint server/2010-sp2