Microsoft Word OLE32.dll Library Security Bypass Vulnerability

Microsoft Word is prone to a memory-corruption vulnerability.

An attacker can leverage this issue to execute arbitrary code in the context of the currently logged-in user. Failed exploit attempts will likely result in denial of service conditions.

Information

Bugtraq ID: 107297
Class: Failure to Handle Exceptional Conditions
CVE:
Remote: Yes
Local: No
Published: Mar 05 2019 12:00AM
Updated: Mar 05 2019 12:00AM
Credit: Mimecast
Vulnerable: Microsoft Word 0
Microsoft Windows 0
Microsoft Office 0

Not Vulnerable:

Exploit

Reports indicate that this issue is being exploited in the wild. Please see the references for more information.

References:

• RSAC 2019: Microsoft Zero-Day Allows Exploits to Sneak Past Sandboxes (threatpost.com)
  
• Microsoft Homepage (Microsoft)
  

Source: www.securityfocus.com