Lucene search
Steven Seeley (mr_me) of Source InciteZDI-18-292HistoryApr 11, 2018 - 12:00 a.m.
Microsoft Office Excel Slicer Use-After-Free Remote Code Execution Vulnerability
2018-04-1100:00:00
Steven Seeley (mr_me) of Source Incite
www.zerodayinitiative.com
10
0.131 Low
EPSS
Percentile
95.6%
This vulnerability allows remote attackers to execute arbitrary code on vulnerable installations of Microsoft Office Excel. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the processing of slicers and timelines in Excel workbooks. A crafted filter in an Excel workbook can cause a pointer to be reused after it has been freed. An attacker can leverage this vulnerability to execute code under the context of the current process at medium integrity.
Related
mscve
mscve
Microsoft Excel Remote Code Execution Vulnerability
2018-04-10 07:00:00
checkpoint_advisories
checkpoint_advisories
Microsoft Excel Remote Code Execution (CVE-2018-1011)
2018-04-10 00:00:00
symantec
symantec
Microsoft Excel CVE-2018-1011 Remote Code Execution Vulnerability
2018-04-10 00:00:00
openvas
openvas
Microsoft Excel 2013 Service Pack 1 Multiple Vulnerabilities (KB4018350)
2018-04-11 00:00:00
Microsoft Excel 2010 Service Pack 2 Multiple RCE Vulnerabilities (KB4018362)
2018-04-11 00:00:00
mskb
mskb
Description of the security update for Excel 2013: April 10, 2018
2018-04-10 07:00:00
Description of the security update for Excel 2010: April 10, 2018
2018-04-10 07:00:00
prion
prion
Remote code execution
2018-04-12 01:29:00
Remote code execution
2018-04-12 01:29:00
Remote code execution
2018-04-12 01:29:00
cvelist
cvelist
cve
cve
nvd
nvd
nessus
nessus
Security Updates for Microsoft Excel Products (April 2018)
2018-04-10 00:00:00
kaspersky
kaspersky
KLA11225 Multiple vulnerabilities in Microsoft Office
2018-04-10 00:00:00
trendmicroblog
trendmicroblog
talosblog
talosblog
Microsoft Patch Tuesday - April 2018
2018-04-10 13:13:00