Lucene search

K

[email protected]NVD:CVE-2018-8157

HistoryMay 09, 2018 - 7:29 p.m.

CVE-2018-8157

2018-05-0919:29:02

[email protected]

web.nvd.nist.gov

1

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.293

Percentile

96.9%

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka “Microsoft Office Remote Code Execution Vulnerability.” This affects Microsoft Office. This CVE ID is unique from CVE-2018-8158, CVE-2018-8161.

Affected configurations

NVD

Node

microsoftofficeMatch2010sp2

OR

microsoftofficeMatch2013sp1

OR

microsoftofficeMatch2013sp1rt

OR

microsoftofficeMatch2016

OR

microsoftofficeMatch2016click-to-run

References

www.securityfocus.com/bid/104046

www.securitytracker.com/id/1040853

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8157

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.293

Percentile

96.9%

Related for NVD:CVE-2018-8157

cvelist3 cve3 prion3 nvd2 openvas7 mskb12 nessus4 zdi1 checkpoint_advisories3 mscve3 symantec3 kaspersky1 talosblog1 trendmicroblog1