Lucene search

K
cvelistMicrosoftCVELIST:CVE-2018-0852
HistoryFeb 13, 2018 - 12:00 a.m.

CVE-2018-0852

2018-02-1300:00:00
microsoft
www.cve.org
2

AI Score

8.8

Confidence

High

EPSS

0.056

Percentile

93.3%

Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R) allow a remote code execution vulnerability, due to how Outlook handles objects in memory, aka “Microsoft Office Memory Corruption Vulnerability”. This CVE is unique from CVE-2018-0851.

CNA Affected

[
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "Microsoft Outlook 2007 SP3, Microsoft Outlook 2010 SP2, Microsoft Outlook 2013 SP1 and RT SP1, Microsoft Outlook 2016, and Microsoft Office 2016 Click-to-Run (C2R)."
      }
    ]
  }
]

AI Score

8.8

Confidence

High

EPSS

0.056

Percentile

93.3%