CVE-2019-0674

Description

A remote code execution vulnerability exists when the Microsoft Office Access Connectivity Engine improperly handles objects in memory, aka 'Microsoft Office Access Connectivity Engine Remote Code Execution Vulnerability'. This CVE ID is unique from CVE-2019-0671, CVE-2019-0672, CVE-2019-0673, CVE-2019-0675.

Affected products

• Microsoft / Microsoft Office2010 Service Pack 2 (32-bit editions) – 2010 Service Pack 2 (32-bit editions)
• Microsoft / Microsoft Office2010 Service Pack 2 (64-bit editions) – 2010 Service Pack 2 (64-bit editions)
• Microsoft / Microsoft Office2013 Service Pack 1 (32-bit editions) – 2013 Service Pack 1 (32-bit editions)
• Microsoft / Microsoft Office2013 Service Pack 1 (64-bit editions) – 2013 Service Pack 1 (64-bit editions)
• Microsoft / Microsoft Office2013 RT Service Pack 1 – 2013 RT Service Pack 1
• Microsoft / Microsoft Office2016 (32-bit edition) – 2016 (32-bit edition)
• Microsoft / Microsoft Office2016 (64-bit edition) – 2016 (64-bit edition)
• Microsoft / Microsoft Office2019 for 32-bit editions – 2019 for 32-bit editions
• Microsoft / Microsoft Office2019 for 64-bit editions – 2019 for 64-bit editions
• Microsoft / Office 365 ProPlus32-bit Systems – 32-bit Systems
• Microsoft / Office 365 ProPlus64-bit Systems – 64-bit Systems

References

• MISChttp://www.securityfocus.com/bid/106931
• VENDOR_ADVISORYhttps://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-0674