Lucene search
Jaanus Kp, Clarified SecurityZDI-18-1356HistoryNov 21, 2018 - 12:00 a.m.
Microsoft Word doc File Use-After-Free Remote Code Execution Vulnerability
2018-11-2100:00:00
Jaanus Kp, Clarified Security
www.zerodayinitiative.com
23
EPSS
0.212
Percentile
96.5%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Word. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of .doc files. Crafted data in a .doc file can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code in the context of the current process at medium integrity.
Related
openvas
openvas
mscve
mscve
Microsoft Word Remote Code Execution Vulnerability
2018-11-13 08:00:00
mskb
mskb
Description of the security update for Word 2010: November 13, 2018
2018-11-13 08:00:00
Description of the security update for Office 2010: November 13, 2018
2018-11-13 08:00:00
Description of the security update for Word 2016: November 13, 2018
2018-11-13 08:00:00
nessus
nessus
Security Updates for Microsoft Word Products C2R (November 2018)
2022-06-10 00:00:00
Security Updates for Microsoft Word Products (November 2018)
2018-11-13 00:00:00
Security Updates for Microsoft Office Products (November 2018)
2018-11-13 00:00:00
prion
prion
Remote code execution
2018-11-14 01:29:00
Remote code execution
2018-11-14 01:29:00
cve
cve
CVE-2018-8539
2018-11-14 01:29:00
CVE-2018-8573
2018-11-14 01:29:01
cvelist
cvelist
CVE-2018-8539
2018-11-14 01:00:00
CVE-2018-8573
2018-11-14 01:00:00
nvd
nvd
CVE-2018-8539
2018-11-14 01:29:00
CVE-2018-8573
2018-11-14 01:29:01
kaspersky
kaspersky
KLA11349 Multiple vulnerabilities in Microsoft Office
2018-11-13 00:00:00
myhack58
myhack58
talosblog
talosblog
thn
thn
63 New Flaws (Including 0-Days) Windows Users Need to Patch Now
2018-11-14 09:55:00