CVE-2019-1297
published 2019-09-11CVE-2019-1297: A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel…
high8.8CVSS 3.1
AVNACLPRNUIRSUCHIHAH
KEVITW
CISA Known Exploited Vulnerabilitydue 2022-03-17
Exploited in the wild
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka 'Microsoft Excel Remote Code Execution Vulnerability'.
Affected
28 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_excel | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office_365_proplus | — | — |
| microsoft | office_365_proplus | — | — |
| msrc | microsoft_excel_2010_service_pack_2 | — | — |
| msrc | microsoft_excel_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_excel_2013_service_pack_1 | — | — |
| msrc | microsoft_excel_2016 | — | — |
| msrc | microsoft_office_2016_for_mac | — | — |
| msrc | microsoft_office_2019_for_32-bit_editions | — | — |
| msrc | microsoft_office_2019_for_64-bit_editions | — | — |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
vulncheck8.8HIGH
cisa8.8HIGH