CVE-2018-8504

EUVD-2018-20132
A remote code execution vulnerability exists in Microsoft Word software when the software fails to properly handle objects in Protected View, aka "Microsoft Word Remote Code Execution Vulnerability." This affects Microsoft SharePoint Server, Office 365 ProPlus, Microsoft Office, Microsoft Word.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_365_proplus
-
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105499
http://www.securitytracker.com/id/1041840
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8504
http://www.securityfocus.com/bid/105499
http://www.securitytracker.com/id/1041840
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8504