CVE-2019-1400
MEDIUMMicrosoft Office - Information Disclosure via Memory Handling Issue
Title source: llmDescription
An information disclosure vulnerability exists in Microsoft Access software when the software fails to properly handle objects in memory, aka 'Microsoft Access Information Disclosure Vulnerability'. This CVE ID is unique from CVE-2019-1463.
References (1)
Core 1
Core References
Patch, Vendor Advisory x_refsource_misc
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2019-1400
Scores
CVSS v3
5.5
EPSS
0.0216
EPSS Percentile
79.9%
Attack Vector
LOCAL
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-200
Status
published
Products (5)
microsoft/office
2010 sp2
microsoft/office
2013 sp1 (2 CPE variants)
microsoft/office
2016
microsoft/office
2019
microsoft/office_365_proplus
Published
Dec 10, 2019
Tracked Since
Feb 18, 2026