CVE-2018-8310

Published: Jul 11, 2018Modified: Nov 21, 2024

7.5

Vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Exploitability: 3.9 / Impact: 3.6

Source: NVD

Description

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.

Affected (6)

Products: Microsoft: Office, Word

Microsoft

2 products

Office

Word

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2010 sp2
Microsoft Office	Version 2016

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Microsoft Word	Version 2010 sp2
Microsoft Word	Version 2013 sp1
Microsoft Word	Version 2013 sp1
Microsoft Word	Version 2016

References (6)

http://www.securityfocus.com/bid/104615

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041274

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8310

Source: secure@microsoft.com

PatchVendor Advisory

http://www.securityfocus.com/bid/104615

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1041274

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8310

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.