Schweregrad:: Hoch
  CVE Kennungen:: CVE-2013-5054
  Hinweisdatum: 26 Dezember 2013

  Beschreibung

This security update resolves one privately reported vulnerability in Microsoft Office that could allow information disclosure if a user attempts to open an Office file hosted on a malicious website. An attacker who successfully exploited this vulnerability could ascertain access tokens used to authenticate the current user on a targeted SharePoint or other Microsoft Office server site.

  Lösungen

  Betroffene Software und Version:

  • Microsoft Office 2013 (32-bit editions)
  • Microsoft Office 2013 R