CVE-2018-8539

Published: Nov 14, 2018Modified: Nov 21, 2024

7.8

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Exploitability: 1.8 / Impact: 5.9

Source: NVD

Description

A remote code execution vulnerability exists in Microsoft Word software when it fails to properly handle objects in memory, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Microsoft Office. This CVE ID is unique from CVE-2018-8573.

Affected (3)

Products: Microsoft: Office, Office Web Apps, Sharepoint Server

3 products

Office Web Apps

Sharepoint Server

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Microsoft Office	Version 2010 sp2
Microsoft Office Web Apps	Version 2010 sp2
Microsoft Sharepoint Server	Version 2010 sp2

References (6)

http://www.securityfocus.com/bid/105835

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042112

Source: secure@microsoft.com

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539

Source: secure@microsoft.com

PatchVendor Advisory

http://www.securityfocus.com/bid/105835

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1042112

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8539

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

Timeline

No history available yet.