EUVD-2018-1698

🗓️ 14 Mar 2018 17:00:00Reported by EUVDType

Microsoft Excel and Office versions allow security feature bypass due to macro setting enforcement

Reporter	Title	Published	Views	Family All 22
CNVD	Microsoft Office Security Bypass Vulnerability (CNVD-2018-05883)	16 Mar 201800:00	–	cnvd
CVE	CVE-2018-0907	14 Mar 201817:00	–	cve
Cvelist	CVE-2018-0907	14 Mar 201817:00	–	cvelist
Microsoft KB	Description of the security update for Excel 2010: March 13, 2018	13 Mar 201807:00	–	mskb
Microsoft KB	Description of the security update for Excel 2007: March 13, 2018	13 Mar 201807:00	–	mskb
Microsoft KB	Description of the security update for Excel 2016: March 13, 2018	13 Mar 201807:00	–	mskb
Microsoft KB	Description of the security update for Excel 2013: March 13, 2018	13 Mar 201807:00	–	mskb
Kaspersky	KLA11213 Multiple vulnerabilities in Microsoft Office	13 Mar 201800:00	–	kaspersky
Tenable Nessus	Security Update for Microsoft Office (March 2018) (macOS)	13 Mar 201800:00	–	nessus
Tenable Nessus	Security Updates for Microsoft Excel Products (March 2018)	13 Mar 201800:00	–	nessus

[
  {
    "enisaIdVendor": [
      {
        "id": "ac98feb4-a60f-3a9c-9574-772c3d404175",
        "vendor": {
          "name": "Microsoft Corporation"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "894f9a27-c955-3ba8-b975-d88fc88e65d8",
        "product": {
          "name": "Microsoft Excel"
        },
        "product_version": "Microsoft Excel 2007 SP3, Microssoft Excel 2010 SP2, Microsoft Excel 2013 SP1, Microsoft Excel 2016, Microsoft Office 2016 Click-to-Run and Microsoft Office 2016 for Mac"
      }
    ]
  }
]

Source	Link
portal	www.portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0907
securityfocus	www.securityfocus.com/bid/103325
securitytracker	www.securitytracker.com/id/1040524

17 Sep 2024 01:31Current

7.6High risk

Vulners AI Score7.6

CVSS 37.8

CVSS 26.8

EPSS0.18388