Vulnerability in Microsoft Office
CVE-2018-8310
A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.
EPSS: 0.134 (94.3th percentile) — read the EPSS interpretation.
Affected products
- Microsoft Office — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2016 Click-to-Run (C2R) for 32-bit editions
- Microsoft Word — versions 2010 Service Pack 2 (32-bit editions), 2010 Service Pack 2 (64-bit editions), 2013 RT Service Pack 1
References
- portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8310 (x_refsource_CONFIRM)
- 104615 (vdb-entry, x_refsource_BID)
- 1041274 (vdb-entry, x_refsource_SECTRACK)