Published: 10/01/2018 Updated: 16/03/2018
CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6
CVSS v3 Base Score: 8.8 | Impact Score: 5.9 | Exploitability Score: 2.8
VMScore: 829
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

Vulnerability Summary

Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

Vulnerability Trend

Affected Products

Vendor Product Versions
MicrosoftOffice2007, 2010, 2013, 2016
MicrosoftOffice Compatibility Pack-
MicrosoftWord2007, 2010, 2013, 2016

Github Repositories

office-exploit-case-study Collection of office exploit used in the real world recent years with samples and writeup,please study them in virtual machineTake responsibility yourself if you use them for illegal purposesSamples should match hash in corresponding writeup if mentioned If you are looking for more poc(reported by researchers and never used in the real world),you ca

TODO: Fix -p flag -c flag is deprecated CVE Watcher queries the National Vulnerability Database (NVD) for CVEs related to specific vendor and/or product Example(s): python CVEWatcherpy -v Microsoft -s 0 -S 2015 -e 0 -E 2015 python CVEWatcherpy -v Adobe -s 0 -S 2015 -e 0 -E 2015 python CVEWatcherpy -v Google -p chrome -s 4 -S 2014 -e 11 -E 2014 Example Output: Microsoft,78,H