What is CVE-2018-8245?

CVE-2018-8245 is a vulnerability in Microsoft Publisher. Published 2018-06-14.

Is CVE-2018-8245 known to be exploited?

1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

Vulnerability in Microsoft Publisher

CVE-2018-8245

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affec…

EPSS: 0.264 (96.4th percentile) — read the EPSS interpretation.

Affected products

Microsoft Publisher — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions)

Public proof-of-concept exploits

ARPSyndicate/cve-scores

References

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245 (x_refsource_CONFIRM)
104405 (vdb-entry, x_refsource_BID)
1041105 (vdb-entry, x_refsource_SECTRACK)

Frequently asked questions

What is CVE-2018-8245?: CVE-2018-8245 is a vulnerability in Microsoft Publisher. Published 2018-06-14.
Is CVE-2018-8245 known to be exploited?: 1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.