CVE-2020-0851

CWE-119Buffer Overflow4 documents4 sources
Severity
7.8HIGH
EPSS
33.7%
top 3.06%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
3
Microsoft Microsoft OfficeMicrosoft Office 365 ProplusMicrosoft Office
Timeline
PublishedMar 12
Latest updateMay 24

Description

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2020-0850, CVE-2020-0852, CVE-2020-0855, CVE-2020-0892.

CVSS vector

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

NVDmicrosoft/office2016, 2019+1
CVEListV5microsoft/microsoft_office2016 for Mac, 2019 for Mac+1
CVEListV5microsoft/office_365_proplus32-bit Systems, 64-bit Systems+1

Patches

Patch: portal.msrc.microsoft.comPatch: portal.msrc.microsoft.com

🔴Vulnerability Details

2
GHSA
GHSA-5rgv-pq29-2j8c: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote2022-05-24
CVEList
CVE-2020-0851: A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka 'Microsoft Word Remote2020-03-12

📋Vendor Advisories

1
Microsoft
Microsoft Word Remote Code Execution Vulnerability2020-03-10
CVE-2020-0851 (HIGH CVSS 7.8) | A remote code execution vulnerabili | cvebase.io