cvelist/2020/0xxx/CVE-2020-0697.json

{
  "data_type": "CVE",
  "data_format": "MITRE",
  "data_version": "4.0",
  "CVE_data_meta": {
    "ASSIGNER": "secure@microsoft.com",
    "ID": "CVE-2020-0697",
    "STATE": "PUBLIC"
  },
  "affects": {
    "vendor": {
      "vendor_data": [
        {
          "product": {
            "product_data": [
              {
                "product_name": "Office 365 ProPlus",
                "version": {
                  "version_data": [
                    {
                      "version_value": "32-bit Systems"
                    },
                    {
                      "version_value": "64-bit Systems"
                    }
                  ]
                }
              }
            ]
          },
          "vendor_name": "Microsoft"
        }
      ]
    }
  },
  "description": {
    "description_data": [
      {
        "lang": "eng",
        "value": "An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka \u0027Microsoft Office Tampering Vulnerability\u0027."
      }
    ]
  },
  "problemtype": {
    "problemtype_data": [
      {
        "description": [
          {
            "lang": "eng",
            "value": "Tampering"
          }
        ]
      }
    ]
  },
  "references": {
    "reference_data": [
      {
        "url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0697"
      }
    ]
  }
}
February 2020 Patch Tuesday 2020-02-11 13:16:09 -08:00			`{`
			`"data_type": "CVE",`
			`"data_format": "MITRE",`
			`"data_version": "4.0",`
			`"CVE_data_meta": {`
			`"ASSIGNER": "secure@microsoft.com",`
			`"ID": "CVE-2020-0697",`
			`"STATE": "PUBLIC"`
			`},`
			`"affects": {`
			`"vendor": {`
			`"vendor_data": [`
			`{`
			`"product": {`
			`"product_data": [`
			`{`
			`"product_name": "Office 365 ProPlus",`
			`"version": {`
			`"version_data": [`
			`{`
			`"version_value": "32-bit Systems"`
			`},`
			`{`
			`"version_value": "64-bit Systems"`
			`}`
			`]`
			`}`
			`}`
			`]`
			`},`
			`"vendor_name": "Microsoft"`
			`}`
			`]`
			`}`
			`},`
			`"description": {`
			`"description_data": [`
			`{`
			`"lang": "eng",`
			"value": "An elevation of privilege vulnerability exists in Microsoft Office OLicenseHeartbeat task, where an attacker who successfully exploited this vulnerability could run this task as SYSTEM.To exploit the vulnerability, an authenticated attacker would need to place a specially crafted file in a specific location, thereby allowing arbitrary file corruption.The security update addresses the vulnerability by correcting how the process validates the log file., aka \u0027Microsoft Office Tampering Vulnerability\u0027."
			`}`
			`]`
			`},`
			`"problemtype": {`
			`"problemtype_data": [`
			`{`
			`"description": [`
			`{`
			`"lang": "eng",`
			`"value": "Tampering"`
			`}`
			`]`
			`}`
			`]`
			`},`
			`"references": {`
			`"reference_data": [`
			`{`
			`"url": "https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2020-0697"`
			`}`
			`]`
			`}`
			`}`