CVE-2018-8504

2018-10-1013:00:00

microsoft

www.cve.org

AI Score

8.9

Confidence

High

EPSS

0.158

Percentile

96.0%

JSON

A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka “Microsoft Word Remote Code Execution Vulnerability.” This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.

CNA Affected

[
  {
    "product": "Microsoft SharePoint Server",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2"
      }
    ]
  },
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 RT Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      },
      {
        "status": "affected",
        "version": "2019 for 32-bit editions"
      },
      {
        "status": "affected",
        "version": "2019 for 64-bit editions"
      },
      {
        "status": "affected",
        "version": "Web Apps 2010 Service Pack 2"
      }
    ]
  },
  {
    "product": "Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "365 ProPlus for 32-bit Systems"
      },
      {
        "status": "affected",
        "version": "365 ProPlus for 64-bit Systems"
      }
    ]
  },
  {
    "product": "Microsoft Word",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 RT Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      }
    ]
  }
]