Vulnerability in Microsoft Office
CVE-2018-8161
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsof…
EPSS: 0.324 (97.0th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), Web Apps 2010 Service Pack 2
- Microsoft Sharepoint — versions Enterprise Server 2016
- Microsoft Word — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2013 RT Service Pack 1
- Microsoft Word — versions Automation Services on Microsoft SharePoint Server 2010 Service Pack 2, Automation Services on Microsoft SharePoint Server 2013 Service Pack 1
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8161 (x_refsource_CONFIRM)
- 104052 (vdb-entry, x_refsource_BID)
- 1040853 (vdb-entry, x_refsource_SECTRACK)