Vulnerability in Microsoft Office
CVE-2018-8244
An elevation of privilege vulnerability exists when Microsoft Outlook does not validate attachment headers properly, aka "Microsoft Outlook Elevation of Privilege Vulnerability." This affects Microsoft Office, Microsoft Outlook.
EPSS: 0.166 (95.0th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2016 Click-to-Run (C2R) for 32-bit editions, 2016 Click-to-Run (C2R) for 64-bit editions
- Microsoft Outlook — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2013 RT Service Pack 1
References
- 1041107 (vdb-entry, x_refsource_SECTRACK)
- 104323 (vdb-entry, x_refsource_BID)
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8244 (x_refsource_CONFIRM)