First published: Tue Dec 10 2019(Updated: )
An information disclosure vulnerability exists when Microsoft Excel improperly discloses the contents of its memory, aka 'Microsoft Excel Information Disclosure Vulnerability'.
Credit: secure@microsoft.com
Affected Software | Affected Version | How to fix |
---|---|---|
Microsoft Excel | =2010-sp2 | |
Microsoft Excel | =2013-sp1 | |
Microsoft Excel | =2016 | |
Microsoft Office | =2010-sp2 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2013-sp1 | |
Microsoft Office | =2016 | |
Microsoft Office Mac Os | =2016 | |
Microsoft Office | =2019 | |
Microsoft Office | =2019 | |
Microsoft Office 365 Proplus |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2019-1464 is an information disclosure vulnerability in Microsoft Excel that allows unauthorized access to the contents of its memory.
CVE-2019-1464 allows attackers to view the contents of Excel's memory, potentially exposing sensitive data.
CVE-2019-1464 affects Microsoft Excel versions 2010 SP2, 2013 SP1, and 2016.
Yes, other Microsoft Office applications such as Office 2010 SP2, Office 2013 SP1, and Office 2016 are also affected by CVE-2019-1464.
CVE-2019-1464 has a severity level of medium with a CVSS score of 5.5.
To mitigate CVE-2019-1464, apply the latest security updates provided by Microsoft.