Lucene search
This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.SMB_NT_MS18_MAR_OFFICE_COMPATIBILITY.NASLHistoryMar 13, 2018 - 12:00 a.m.
Security Updates for Microsoft Office Compatibility Products (March 2018)
2018-03-1300:00:00
This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
22
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.08 Low
EPSS
Percentile
94.3%
The Microsoft Office Compatibility Products are missing a security update. It is, therefore, affected by the following vulnerability :
- A remote code execution vulnerability exists in Microsoft Office software when the Office software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. (CVE-2018-0922)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from the Microsoft Security Updates API. The text
# itself is copyright (C) Microsoft Corporation.
#
include("compat.inc");
if (description)
{
script_id(108297);
script_version("1.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/12/11");
script_cve_id("CVE-2018-0922");
script_bugtraq_id(103314);
script_xref(name:"MSKB", value:"4011720");
script_xref(name:"IAVA", value:"2018-A-0077-S");
script_xref(name:"MSFT", value:"MS18-4011720");
script_name(english:"Security Updates for Microsoft Office Compatibility Products (March 2018)");
script_summary(english:"Checks for Microsoft security updates.");
script_set_attribute(attribute:"synopsis", value:
"The Microsoft Office Compatibility Products are missing a security update.");
script_set_attribute(attribute:"description", value:
"The Microsoft Office Compatibility Products are missing a
security update. It is, therefore, affected by the following
vulnerability :
- A remote code execution vulnerability exists in
Microsoft Office software when the Office software fails
to properly handle objects in memory. An attacker who
successfully exploited the vulnerability could run
arbitrary code in the context of the current user. If
the current user is logged on with administrative user
rights, an attacker could take control of the affected
system. An attacker could then install programs; view,
change, or delete data; or create new accounts with full
user rights. (CVE-2018-0922)");
# https://support.microsoft.com/en-us/help/4011720/description-of-the-security-update-for-microsoft-office-compatibility
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?fa64c479");
script_set_attribute(attribute:"solution", value:
"Microsoft has released KB4011720 to address this issue.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:C/I:C/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-0922");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2018/03/13");
script_set_attribute(attribute:"patch_publication_date", value:"2018/03/13");
script_set_attribute(attribute:"plugin_publication_date", value:"2018/03/13");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"cpe:/a:microsoft:office_compatibility_pack");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Windows : Microsoft Bulletins");
script_copyright(english:"This script is Copyright (C) 2018-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("office_installed.nasl", "microsoft_office_compatibility_pack_installed.nbin", "smb_hotfixes.nasl", "ms_bulletin_checks_possible.nasl");
script_require_keys("SMB/MS_Bulletin_Checks/Possible");
script_require_ports(139, 445, "Host/patch_management_checks");
exit(0);
}
include("misc_func.inc");
include("audit.inc");
include("smb_func.inc");
include("smb_hotfixes.inc");
include("smb_hotfixes_fcheck.inc");
get_kb_item_or_exit("SMB/MS_Bulletin_Checks/Possible");
bulletin = "MS18-03";
kbs = make_list('4011720');
vuln = FALSE;
if (get_kb_item("Host/patch_management_checks"))
hotfix_check_3rd_party(bulletin:bulletin, kbs:kbs, severity:SECURITY_HOLE);
####################################################################
# Office Compatibility Pack
####################################################################
installs = get_kb_list("SMB/Office/WordCnv/*/ProductPath");
foreach install (keys(installs))
{
path = installs[install];
path = ereg_replace(pattern:'^(.+)\\\\[^\\\\]+\\.exe$', replace:"\1\", string:path, icase:TRUE);
if(hotfix_check_fversion(path:path, file:"wordcnv.dll", version:"12.0.6786.5000", kb:"4011720", bulletin:bulletin, min_version:"12.0.0.0", product:"Microsoft Office Compatibility Pack") == HCF_OLDER)
vuln = TRUE;
}
if(vuln)
{
replace_kb_item(name:'SMB/Missing/'+bulletin, value:TRUE);
hotfix_security_hole();
hotfix_check_fversion_end();
exit(0);
}
else
{
hotfix_check_fversion_end();
audit(AUDIT_HOST_NOT, 'affected');
}
| Vendor | Product | Version | CPE |
|---|---|---|---|
| microsoft | office_compatibility_pack | cpe:/a:microsoft:office_compatibility_pack |
Related
checkpoint_advisories
checkpoint_advisories
Microsoft Office Memory Corruption (CVE-2018-0922)
2018-03-13 00:00:00
cve
cve
CVE-2018-0922
2018-03-14 17:29:02
symantec
symantec
Microsoft Office CVE-2018-0922 Memory Corruption Vulnerability
2018-03-13 00:00:00
mskb
mskb
openvas
openvas
cvelist
cvelist
CVE-2018-0922
2018-03-14 00:00:00
prion
prion
Remote code execution
2018-03-14 17:29:00
nvd
nvd
CVE-2018-0922
2018-03-14 17:29:02
mscve
mscve
Microsoft Office Memory Corruption Vulnerability
2018-03-13 07:00:00
nessus
nessus
Security Updates for Microsoft Office Online Server and Microsoft Office Web Apps (March 2018)
2018-03-13 00:00:00
Security Updates for Microsoft Word Products (March 2018)
2018-03-13 00:00:00
Security Updates for Microsoft Office Products (March 2018)
2018-03-13 00:00:00
kaspersky
kaspersky
KLA11213 Multiple vulnerabilities in Microsoft Office
2018-03-13 00:00:00
talosblog
talosblog
Microsoft Patch Tuesday - March 2018
2018-03-13 14:38:00
trendmicroblog
trendmicroblog
9.3 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:M/Au:N/C:C/I:C/A:C
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
0.08 Low
EPSS
Percentile
94.3%
Related for SMB_NT_MS18_MAR_OFFICE_COMPATIBILITY.NASL