Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE is unique from CVE-2018-0797 and CVE-2018-0812.

CPENameOperatorVersion
officeeq2007 sp3
officeeq2013 sp1
officeeq2010 sp2
officeeq2016
officeeq2016
office_compatibility_packeq- sp3
wordeq2013 sp1
wordeq2016
wordeq2013 sp1
wordeq2010 sp2

Name	Operator	Version
office	eq	2007 sp3
office	eq	2013 sp1
office	eq	2010 sp2
office	eq	2016
office	eq	2016
office_compatibility_pack	eq	- sp3
word	eq	2013 sp1
word	eq	2016
word	eq	2013 sp1
word	eq	2010 sp2

Rows per page:

1-10 of 111

References

www.securityfocus.com/bid/102347

www.securitytracker.com/id/1040153

0patch.blogspot.com/2018/01/the-bug-that-killed-equation-editor-how.html

github.com/rxwx/CVE-2018-0802

github.com/zldww2011/CVE-2018-0802_POC

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802

research.checkpoint.com/another-office-equation-rce-vulnerability/

cvelist 3

cve 3

nvd 3

attackerkb 1

openvas 11

mscve 3

prion 2

symantec 3

checkpoint_advisories 2

mssecure 1

securelist 28

talosblog 2

mskb 17

carbonblack 1

krebs 1

myhack58 3

fireeye 3

thn 5

nessus 6

kaspersky 2

cisa_kev 2

threatpost 5

trendmicroblog 1

qualysblog 4

avleonov 1

cvelist

CVE-2018-0802

2018-01-09 00:00:00

CVE-2018-0812

2018-01-09 00:00:00

CVE-2018-0797

2018-01-09 00:00:00

cve

CVE-2018-0802

2018-01-10 01:29:00

CVE-2018-0812

2018-01-10 01:29:01

CVE-2018-0797

2018-01-10 01:29:00

nvd

CVE-2018-0802

2018-01-10 01:29:00

CVE-2018-0812

2018-01-10 01:29:01

CVE-2018-0797

2018-01-10 01:29:00

attackerkb

CVE-2018-0802

2018-01-10 00:00:00

openvas

Microsoft Office 2013 Service Pack 1 Remote Code Execution Vulnerabilities (KB4011580)

2018-01-10 00:00:00

Microsoft Office Word Viewer Memory Corruption Vulnerability (KB4011641)

2018-01-10 00:00:00

Microsoft Office Memory Corruption Vulnerability (Jan 2018) - Mac OS X

2018-01-22 00:00:00

mscve

Microsoft Office Memory Corruption Vulnerability

2018-01-09 08:00:00

Microsoft Office Memory Corruption Vulnerability

2018-01-09 08:00:00

Microsoft Office Memory Corruption Vulnerability

2018-01-09 08:00:00

prion

Remote code execution

2018-01-10 01:29:00

Remote code execution

2018-01-10 01:29:00

symantec

Microsoft Office CVE-2018-0812 Memory Corruption Vulnerability

2018-01-09 00:00:00

Microsoft Office CVE-2018-0802 Memory Corruption Vulnerability

2018-01-09 00:00:00

Microsoft Word CVE-2018-0797 Memory Corruption Vulnerability

2018-01-09 00:00:00

checkpoint_advisories

Microsoft Office Equation Memory Corruption Remote Code Execution (CVE-2018-0802)

2018-01-08 00:00:00

Microsoft Word Memory Corruption (CVE-2018-0797)

2018-01-09 00:00:00

mssecure

Windows Defender ATP device risk score exposes new cyberattack, drives Conditional access to protect networks

2018-11-28 21:46:48

securelist

MosaicRegressor: Lurking in the Shadows of UEFI

2020-10-05 10:00:45

The leap of a Cycldek-related threat actor

2021-04-05 10:00:22

Spam and phishing in 2023

2024-03-07 10:00:53

talosblog

Advanced Mobile Malware Campaign in India uses Malicious MDM - Part 2

2018-07-24 22:24:00

Microsoft Patch Tuesday - January 2018

2018-01-09 13:36:00

mskb

Description of the security update for SharePoint Server 2010 Office Web Apps: January 9, 2018

2018-01-09 08:00:00

Description of the security update for Office Web Apps Server 2013: January 9, 2018

2018-01-09 08:00:00

Description of the security update for Word Viewer: January 9, 2018

2018-01-09 08:00:00

carbonblack

Threat Analysis Unit (TAU) Threat Intelligence Notification: Tick Downloaders (Operation ENDTRADE)

2019-12-10 15:34:53

krebs

Microsoft’s Jan. 2018 Patch Tuesday Lowdown

2018-01-10 16:07:35

myhack58

A use cve-2017-11882 and cve-2018-0802 combination of vulnerability a malicious document analysis-vulnerability warning-the black bar safety net

2018-12-25 00:00:00

A CVE-2017-11882 vulnerability is a new variation of a sample of the debugging and analysis-vulnerability warning-the black bar safety net

2018-12-02 00:00:00

The macro perspective of the office vulnerability, 2010-2018-a vulnerability warning-the black bar safety net

2019-06-13 00:00:00

fireeye

APT37 (Reaper): The Overlooked North Korean Actor

2018-02-20 08:30:00

Government Sector in Central Asia Targeted With New HAWKBALL Backdoor Delivered via Microsoft Office Vulnerabilities

2019-06-05 15:00:00

Zero-Day Exploitation Increasingly Demonstrates Access to Money, Rather than Skill — Intelligence for Vulnerability Management, Part One

2020-04-06 00:00:00

thn

Alert: Phishing Campaigns Deliver New SideTwist Backdoor and Agent Tesla Variant

2023-09-06 13:50:00

New Chinese Malware Targeted Russia's Largest Nuclear Submarine Designer

2021-05-03 07:34:00

New USBCulprit Espionage Tool Steals Data From Air-Gapped Computers

2020-06-04 08:31:00

nessus

Security Updates for Microsoft Office Online Server and Microsoft Office Web Apps (January 2018)

2018-01-09 00:00:00

Security Updates for Microsoft Office Viewer Products (January 2018)

2018-01-09 00:00:00

Security Updates for Microsoft Office Compatibility SP3 (January 2018)

2018-01-09 00:00:00

kaspersky

KLA11180 Multiple vulnerabilities in Microsoft Office Online

2018-01-09 00:00:00

KLA11170 Multiple vulnerabilities in Microsoft Office

2018-01-09 00:00:00

cisa_kev

Microsoft Office Memory Corruption Vulnerability

2021-11-03 00:00:00

Microsoft Office Memory Corruption Vulnerability

2021-11-03 00:00:00

threatpost

Despite Ringleader’s Arrest, Cobalt Group Still Active

2018-05-28 12:21:42

PortDoor Espionage Malware Takes Aim at Russian Defense Sector

2021-04-30 19:32:34

Novel 'Victory' Backdoor Spotted in Chinese APT Campaign

2021-06-07 18:49:44

trendmicroblog

TippingPoint Threat Intelligence and Zero-Day Coverage – Week of January 8, 2018

2018-01-12 15:09:44

qualysblog

Top 19+ Vulnerability CVEs in Santa’s Dashboard Tracking

2019-12-27 18:01:22

Part 2: An In-Depth Look at the Latest Vulnerability Threat Landscape (Attackers’ Edition)

2023-07-18 13:38:53

Qualys Top 20 Most Exploited Vulnerabilities

2023-09-04 14:00:00

avleonov

September 2023: VM courses, Bahasa Indonesia, Russian Podcasts, Goodbye Tinkoff, MS Patch Tuesday, Qualys TOP 20, Linux, Forrester, GigaOm, R-Vision VM

2023-09-30 19:31:42

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8.4 High

AI Score

Confidence

High

0.971 High

EPSS

Percentile

99.8%

JSON

Related for PRION:CVE-2018-0802