CVE-2018-0797
published 2018-01-10CVE-2018-0797: Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka…
high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
Affected
30 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office_online_server | — | — |
| microsoft | office_web_apps | — | — |
| microsoft | office_web_apps_server | — | — |
| microsoft | sharepoint_enterprise_server | — | — |
| microsoft | sharepoint_enterprise_server | — | — |
| microsoft | sharepoint_server | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft | word | — | — |
| microsoft_corporation | equation_editor | — | — |
| msrc | microsoft_office_2010_service_pack_2 | — | — |
| msrc | microsoft_office_2016_for_mac | — | — |
| msrc | microsoft_office_compatibility_pack_service_pack_3 | — | — |
| msrc | microsoft_office_online_server_2016 | — | — |
| msrc | microsoft_office_web_apps_2010_service_pack_2 | — | — |
| msrc | microsoft_office_web_apps_server_2013_service_pack_1 | — | — |
| msrc | microsoft_office_word_viewer | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2013_service_pack_1 | — | — |
| msrc | microsoft_sharepoint_enterprise_server_2016 | — | — |
| msrc | microsoft_sharepoint_server_2010_service_pack_2 | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv3.17.8HIGHCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H