CVE-2018-8628

EUVD-2018-20240
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.8 HIGH
LOCAL
LOW
NONE
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 96%
Affected Products (NVD)
VendorProductVersion
microsoftoffice_365_proplus
-
microsoftoffice_compatibility_pack
-
microsoftoffice_online_server
*
microsoftpowerpoint_viewer
*
𝑥
= Vulnerable software versions
References
http://www.securityfocus.com/bid/106104
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628
http://www.securityfocus.com/bid/106104
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628