Published: 09/05/2018 Updated: 24/08/2020

CVSS v2 Base Score: 9.3 | Impact Score: 10 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 828

Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8157, CVE-2018-8158.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft office 2016
microsoft sharepoint server 2013
microsoft office web apps 2010
microsoft word 2010
microsoft office 2013
microsoft office 2010
microsoft sharepoint server 2016
microsoft word 2013
microsoft word 2016
microsoft office web apps 2013
microsoft sharepoint server 2010

It's 2018, and a webpage can still pwn your Windows PC – and apps can escape Hyper-V

The Register • Chris Williams, Editor in Chief • 09 May 2018

Scores of bugs, from Edge and Office to kernel code to Adobe Flash, need fixing ASAP

Patch Tuesday Microsoft and Adobe have patched a bunch of security bugs in their products that can be exploited by hackers to commandeer vulnerable computers, siphon people's personal information, and so on. Redmond emitted 68 patches alone, 21 rated critical and at least two being actively exploited in the wild. There are browser and kernel patches you should look into first, check out an Office 365 email filter bypass that isn't addressed, then Hyper-V if you're using that, and then the rest. ...

CVE-2018-8161

Vulnerability Summary

Recent Articles

References

Vulmon Search

About

Products

Connect