CVE-2018-0797

EUVD-2018-1603
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_compatibility_pack
-
microsoftword_viewer
*
𝑥
= Vulnerable software versions
Common Weakness Enumeration
References
http://www.securityfocus.com/bid/102406
http://www.securitytracker.com/id/1040153
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0797
http://www.securityfocus.com/bid/102406
http://www.securitytracker.com/id/1040153
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0797