Published: 14/06/2018 Updated: 24/08/2020

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

CVSS v3 Base Score: 7.8 | Impact Score: 5.9 | Exploitability Score: 1.8

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.

Vulnerable Product	Search on Vulmon	Subscribe to Product
microsoft publisher 2010

June 2018, and Windows Server can be pwned with a DNS request

The Register • Shaun Nichols in San Francisco • 12 Jun 2018

Cortana also a little too eager to carry out commands Have to use SMB 1.0? Windows 10 April 2018 Update says NO

Microsoft has released its monthly security update, addressing a total of 51 CVE-listed security vulnerabilities. The June edition of Patch Tuesday includes 11 fixes for critical vulnerabilities in Windows, including Microsoft's solution for the recently-disclosed Spectre Variant 4 chip design flaw. Among the most serious bugs addressed this month is CVE-2018-8225, a remote code execution vulnerability present in the Windows DNSAPI. Microsoft says that the flaw would allow an attacker to take ov...

CVE-2018-8245

Vulnerability Summary

Vulnerability Trend

Recent Articles

References

Vulmon Search

About

Products

Connect