The vulnerability of the Microsoft Exchange Server mail server, related to errors in memory object processing, allows a hacker to execute arbitrary code.

🗓️ 23 Aug 2018 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

A memory handling vulnerability in Microsoft Exchange Server allows remote code execution with system privileges.

Reporter	Title	Published	Views	Family All 23
ATTACKERKB	CVE-2018-8302	15 Aug 201800:00	–	attackerkb
CNVD	Microsoft Exchange Server Memory Corruption Vulnerability	16 Aug 201800:00	–	cnvd
CVE	CVE-2018-8302	15 Aug 201817:00	–	cve
Cvelist	CVE-2018-8302	15 Aug 201817:00	–	cvelist
Microsoft KB	Description of the security update for Microsoft Exchange Server 2013 and 2016: August 14, 2018	14 Aug 201807:00	–	mskb
Microsoft KB	Update Rollup 23 for Exchange Server 2010 Service Pack 3	14 Aug 201807:00	–	mskb
Kaspersky	KLA11302 Multiple vulnerabilities in Microsoft Exchange Server	14 Aug 201800:00	–	kaspersky
Microsoft CVE	Microsoft Exchange Memory Corruption Vulnerability	14 Aug 201807:00	–	mscve
Microsoft CVE	Microsoft Exchange Server Remote Code Execution Vulnerability	2 Mar 202108:00	–	mscve
Microsoft CVE	Microsoft Exchange Server Remote Code Execution Vulnerability	2 Mar 202108:00	–	mscve

Source	Link
zerodayinitiative	www.zerodayinitiative.com/advisories/ZDI-18-944/
securityfocus	www.securityfocus.com/bid/104973
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8302
web	www.web.nvd.nist.gov/view/vuln/detail

15 Apr 2022 00:00Current

8.2High risk

Vulners AI Score8.2

CVSS 38.8

CVSS 29.3

EPSS0.38412

Microsoft Exchange Server memory handling remote code execution system privileges