CNNVD-202509-1296 Information
CNNVD ID
CNNVD-202509-1296
Related CVE
- CNNVD Published: 2025-09-09
Description (Chinese)
Microsoft Office是美国微软(Microsoft)公司的一款办公软件套件产品。该产品常用组件包括Word、Excel、Access、Powerpoint、FrontPage等。 Microsoft Office存在资源管理错误漏洞。攻击者利用该漏洞可以远程执行代码。以下产品和版本受到影响:Microsoft SharePoint Enterprise Server 2016,Microsoft SharePoint Server 2019,Microsoft Office 2019 for 32-bit editions,Microsoft Office 2019 for 64-bit editions,Microsoft 365 Apps for Enterprise for 32-bit Systems,Microsoft 365 Apps for Enterprise for 64-bit Systems,Microsoft Office LTSC for Mac 2021,Microsoft Office LTSC 2021 for 64-bit editions,Microsoft Office LTSC 2021 for 32-bit editions,Microsoft Office LTSC 2024 for 32-bit editions,Microsoft Office LTSC 2024 for 64-bit editions,Microsoft Office LTSC for Mac 2024,Microsoft Office 2016 (32-bit edition),Microsoft Office 2016 (64-bit edition)。
Description (English)
Microsoft Office is an office software package product for Microsoft (USA). Common components of the product include Word, Excel, Access, PowerPoint, FrontPage, etc. Microsoft Office has an error in resource management. The attackers used the loophole to implement the code remotely. The following products and versions have been affected: Microsoft SharePoint Enterprise Service 2016, Microsoft SharePoint Server 2019, Microsoft Office 2019 for 32-bit applications, Microsoft Office 2019 for 64-bit applications, Microsoft Apps for Enterprise 32-bit Systems, Microsoft 365 Apps for Enterprise 64-bit Systems, Microsoft Office Liechtenstein 2021, Microsoft Office LTSC 2021 for 32-bit appointments, Microsoft Office Liechtenstein 2024 for 32-bit Service 32-bit Standards, Order Office 2024 for 64-bit issues, Office Office Office Services Services 2024, Office Office Services 2024, Office Office Services 2024, Office Office Offices 2016
Hazard Level
Medium
Vulnerability Type
资源管理错误
Affected Vendor
微软
Published
2025-09-09
Last Modified
2026-02-24
References
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54906
Patch
https://msrc.microsoft.com/update-guide/vulnerability/CVE-2025-54906
Share on: