Lucene search

PRIOn knowledge basePRION:CVE-2018-8522

HistoryNov 14, 2018 - 1:29 a.m.

Remote code execution

2018-11-1401:29:00

PRIOn knowledge base

www.prio-n.com

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka “Microsoft Outlook Remote Code Execution Vulnerability.” This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8524, CVE-2018-8576, CVE-2018-8582.

CPENameOperatorVersion
officeeq2019
outlookeq2016
outlookeq2010 sp2
outlookeq2013 sp1
outlook_rteq2013 sp1

Name	Operator	Version
office	eq	2019
outlook	eq	2016
outlook	eq	2010 sp2
outlook	eq	2013 sp1
outlook_rt	eq	2013 sp1

References

www.securityfocus.com/bid/105820

www.securitytracker.com/id/1042110

portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8522

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

REQUIRED

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

7.9 High

AI Score

Confidence

High

9.3 High

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

COMPLETE

Integrity Impact

COMPLETE

Availability Impact

COMPLETE

AV:N/AC:M/Au:N/C:C/I:C/A:C

0.066 Low

EPSS

Percentile

93.6%

JSON

Related for PRION:CVE-2018-8522