Lucene search

[email protected]NVD:CVE-2018-8432

HistoryOct 10, 2018 - 1:29 p.m.

CVE-2018-8432

2018-10-1013:29:02

[email protected]

web.nvd.nist.gov

CVSS2

9.3

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

EPSS

0.306

Percentile

97.0%

JSON

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka “Microsoft Graphics Components Remote Code Execution Vulnerability.” This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.

Affected configurations

Nvd

Node

microsoftexcel_viewerMatch2007sp3

microsoftofficeMatch2016mac_os

microsoftofficeMatch2019

microsoftoffice_365_proplusMatch-

microsoftoffice_compatibility_packMatch-sp3

microsoftpowerpoint_viewerMatch2007

microsoftword_viewerMatch-

microsoftwindows_10Match1809

microsoftwindows_7Match-sp1

microsoftwindows_server_2008Match-sp2

microsoftwindows_server_2008Matchr2sp1

microsoftwindows_server_2019Match-

VendorProductVersionCPE
microsoftexcel_viewer2007cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
microsoftoffice2016cpe:2.3:a:microsoft:office:2016:*:mac_os:*:*:*:*:*
microsoftoffice2019cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
microsoftoffice_365_proplus-cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
microsoftoffice_compatibility_pack-cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
microsoftpowerpoint_viewer2007cpe:2.3:a:microsoft:powerpoint_viewer:2007:*:*:*:*:*:*:*
microsoftword_viewer-cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
microsoftwindows_101809cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
microsoftwindows_7-cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
microsoftwindows_server_2008-cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*

Vendor	Product	Version	CPE
microsoft	excel_viewer	2007	cpe:2.3:a:microsoft:excel_viewer:2007:sp3::::::
microsoft	office	2016	cpe:2.3:a:microsoft:office:2016::mac_os:::::
microsoft	office	2019	cpe:2.3:a:microsoft:office:2019:::::::*
microsoft	office_365_proplus	-	cpe:2.3:a:microsoft:office_365_proplus:-:::::::*
microsoft	office_compatibility_pack	-	cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3::::::
microsoft	powerpoint_viewer	2007	cpe:2.3:a:microsoft:powerpoint_viewer:2007:::::::*
microsoft	word_viewer	-	cpe:2.3:a:microsoft:word_viewer:-:::::::*
microsoft	windows_10	1809	cpe:2.3:o:microsoft:windows_10:1809:::::::*
microsoft	windows_7	-	cpe:2.3:o:microsoft:windows_7:-:sp1::::::
microsoft	windows_server_2008	-	cpe:2.3:o:microsoft:windows_server_2008:-:sp2::::::