CVE-2018-0794
published 2018-01-10CVE-2018-0794: Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability…
PriorityP357high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
20.07%
97.1th percentile
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792.
Affected
19 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office_online_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft_corporation | microsoft_word | — | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_2016_click-to-run_for_32-bit_editions | — | — |
| msrc | microsoft_office_2016_click-to-run_for_64-bit_editions | — | — |
| msrc | microsoft_office_2016_for_mac | — | — |
| msrc | microsoft_office_compatibility_pack_service_pack_3 | — | — |
| msrc | microsoft_word_2007_service_pack_3 | — | — |
| msrc | microsoft_word_2010_service_pack_2 | — | — |
| msrc | microsoft_word_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_word_2013_service_pack_1 | — | — |
| msrc | microsoft_word_2016 | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-5jh9-9qf9-9mj6: Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulner
ghsa_unreviewed·2022-05-13·CVSS 8.8
CVE-2018-0794 [HIGH] GHSA-5jh9-9qf9-9mj6: Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulner
Microsoft Word in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0792.
GHSA
GHSA-6wj9-4q9r-266c: Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft
ghsa_unreviewed·2022-05-13·CVSS 8.8
CVE-2018-0792 [HIGH] CWE-787 GHSA-6wj9-4q9r-266c: Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794.
Microsoft
Microsoft Office Remote Code Execution Vulnerability
vendor_msrc·2018-01-09·CVSS 8.8
CVE-2018-0794 [HIGH] Microsoft Office Remote Code Execution Vulnerability
Microsoft Office Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could run arbitrary code in the context of the current user. If the current user is logged on with administrative user rights, an attacker could take control of the affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights.
Exploitation of the vulnerability requires that a user open a specially crafted file w
No detection rules found.
No public exploits indexed.
Qualys
January 2018 Patch Tuesday - Meltdown/Spectre, 16 Critical Microsoft Patches, 1 Adobe Patch | Qualys
blogs_qualys·2018-01-09·CVSS 5.6
[MEDIUM] January 2018 Patch Tuesday - Meltdown/Spectre, 16 Critical Microsoft Patches, 1 Adobe Patch | Qualys
Due to the disclosure of Meltdown and Spectre, Microsoft released several patches last week with the ranking “Important.” While there are no active attacks against these vulnerabilities, a special focus should be placed on any of the browser patches, due to potential attacks using JavaScript.
It is important to note that OS-level and BIOS (microcode) patches that are designed to mitigate Meltdown and Spectre may lead to performance issues. It is important to test all patches before deploying.
Some of these updates are incompatible with third-party antivirus software, and may require updating AV on workstations and servers. Microsoft has released guidance documents for both Windows clients and servers. Windows Server requires registry changes in order to implement the protections added by
Qualys
January 2018 Patch Tuesday – Meltdown/Spectre, 16 Critical Microsoft Patches, 1 Adobe Patch
blogs_qualys·2018-01-09·CVSS 5.6
[MEDIUM] January 2018 Patch Tuesday – Meltdown/Spectre, 16 Critical Microsoft Patches, 1 Adobe Patch
Due to the disclosure of Meltdown and Spectre , Microsoft released several patches last week with the ranking “Important.” While there are no active attacks against these vulnerabilities, a special focus should be placed on any of the browser patches, due to potential attacks using JavaScript.
It is important to note that OS-level and BIOS (microcode) patches that are designed to mitigate Meltdown and Spectre may lead to performance issues. It is important to test all patches before deploying.
Some of these updates are incompatible with third-party antivirus software, and may require updating AV on workstations and servers. Microsoft has released guidance documents for both Windows clients and servers . Windows Server requires registry changes in order to implement the protections added
Talos
Microsoft Patch Tuesday - January 2018
blogs_talos·2018-01-09·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - January 2018
## Microsoft Patch Tuesday - January 2018
Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 56 new vulnerabilities with 16 of them rated critical, 39 of them rated important and 1 of them rated Moderate. These vulnerabilities impact ASP.NET, Edge, Internet Explorer, Office, Windows, and more.
In addition to the 56 vulnerabilities addressed, Microsoft has also released an update that addresses Meltdown and Spectre. Mitigations for these two vulnerabilities were published for Windows in ADV180002 . Note that due to incompatibilities with anti-virus products, users and organizations may not have received this update yet. For more information, users shoul
Talos
Microsoft Patch Tuesday - January 2018
blogs_talos·2018-01-09·CVSS 7.5
[HIGH] Microsoft Patch Tuesday - January 2018
Today Microsoft has released its monthly set of security advisories for vulnerabilities that have been identified and addressed in various products. This month's advisory release addresses 56 new vulnerabilities with 16 of them rated critical, 39 of them rated important and 1 of them rated Moderate. These vulnerabilities impact ASP.NET, Edge, Internet Explorer, Office, Windows, and more.
In addition to the 56 vulnerabilities addressed, Microsoft has also released an update that addresses Meltdown and Spectre. Mitigations for these two vulnerabilities were published for Windows in ADV180002. Note that due to incompatibilities with anti-virus products, users and organizations may not have received this update yet. For more information, users should refer to Microsoft's knowledge base articl
http://www.securityfocus.com/bid/102373http://www.securitytracker.com/id/1040153https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0794http://www.securityfocus.com/bid/102373http://www.securitytracker.com/id/1040153https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0794
2018-01-10
Published