CVE-2019-0540 vulnerability in Microsoft Products
Published on March 5, 2019
A security feature bypass vulnerability exists when Microsoft Office does not validate URLs.An attacker could send a victim a specially crafted file, which could trick the victim into entering credentials, aka 'Microsoft Office Security Feature Bypass Vulnerability'.
Products Associated with CVE-2019-0540
You can be notified by email with stack.watch whenever vulnerabilities like CVE-2019-0540 are published in these products:
Affected Versions
Microsoft Office:- Version 2010 Service Pack 2 (32-bit editions) is affected.
- Version 2010 Service Pack 2 (64-bit editions) is affected.
- Version 2013 Service Pack 1 (32-bit editions) is affected.
- Version 2013 Service Pack 1 (64-bit editions) is affected.
- Version 2013 RT Service Pack 1 is affected.
- Version 2016 (32-bit edition) is affected.
- Version 2016 (64-bit edition) is affected.
- Version 2019 for 32-bit editions is affected.
- Version 2019 for 64-bit editions is affected.
- Version Word Viewer is affected.
- Version unspecified is affected.
- Version 32-bit Systems is affected.
- Version 64-bit Systems is affected.
- Version unspecified is affected.
- Version Service Pack 3 is affected.
Exploit Probability
EPSS
22.18%
Percentile
95.67%
EPSS (Exploit Prediction Scoring System) scores estimate the probability that a vulnerability will be exploited in the wild within the next 30 days. The percentile shows you how this score compares to all other vulnerabilities.