CVE-2018-8161

🗓️ 09 May 2018 19:00:00Reported by microsoftType

Remote code execution vulnerability in Microsoft Office softwar

Reporter	Title	Published	Views	Family All 30
BDU FSTEC	The vulnerability of the Microsoft Office software arises from an operation that goes beyond buffer boundaries in memory, allowing an attacker to execute arbitrary code.	22 Jun 201800:00	–	bdu_fstec
CNVD	Microsoft Office Remote Code Execution Vulnerability (CNVD-2018-10431)	10 May 201800:00	–	cnvd
Check Point Advisories	Microsoft Office Remote Code Execution (CVE-2018-8161)	8 May 201800:00	–	checkpoint_advisories
CVE	CVE-2018-8161	9 May 201819:00	–	cve
Microsoft KB	Description of the security update for SharePoint Server 2016: May 8, 2018	8 May 201807:00	–	mskb
Microsoft KB	End of support for Office 2016 and Office 2019	8 May 201807:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Enterprise Server 2013: May 8, 2018	8 May 201807:00	–	mskb
Microsoft KB	Description of the security update for Office Web Apps Server 2013: May 8, 2018	8 May 201807:00	–	mskb
Microsoft KB	End of support for Office 2013	8 May 201807:00	–	mskb
Microsoft KB	Description of the security update for SharePoint Server 2010: May 8, 2018	8 May 201807:00	–	mskb

[
  {
    "product": "Microsoft Word",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 RT Service Pack 1"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2013 Service Pack 1 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "2016 (32-bit edition)"
      },
      {
        "status": "affected",
        "version": "2016 (64-bit edition)"
      }
    ]
  },
  {
    "product": "Word",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Automation Services on Microsoft SharePoint Server 2010 Service Pack 2"
      },
      {
        "status": "affected",
        "version": "Automation Services on Microsoft SharePoint Server 2013 Service Pack 1"
      }
    ]
  },
  {
    "product": "Microsoft Office",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (32-bit editions)"
      },
      {
        "status": "affected",
        "version": "2010 Service Pack 2 (64-bit editions)"
      },
      {
        "status": "affected",
        "version": "Web Apps 2010 Service Pack 2"
      },
      {
        "status": "affected",
        "version": "Web Apps Server 2013 Service Pack 1"
      }
    ]
  },
  {
    "product": "Microsoft SharePoint",
    "vendor": "Microsoft",
    "versions": [
      {
        "status": "affected",
        "version": "Enterprise Server 2016"
      }
    ]
  }
]

Source	Link
securityfocus	www.securityfocus.com/bid/104052
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8161
securitytracker	www.securitytracker.com/id/1040853

10 May 2018 09:57Current

7.8High risk

Vulners AI Score7.8

EPSS0.32436