CVE-2018-8582

A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8576.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
8.8 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_365_proplus
-
microsoftwindows_server_2019
-
microsoft365_apps
𝑥
< 1810
microsoftoffice
𝑥
< 1810
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/105825
http://www.securitytracker.com/id/1042110
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582
http://www.securityfocus.com/bid/105825
http://www.securitytracker.com/id/1042110
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582