CVE-2018-0845 — Corporation Equation Editor vulnerability
4 documents4 sources
Severity
7.8HIGHNVD
CNA8.8
EPSS
34.3%
top 3.01%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedJan 22
Latest updateMay 13
Description
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0805, CVE-2018-0806, and CVE-2018-0807.
CVSS vector
CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9
Affected Packages3 packages
▶CVEListV5microsoft_corporation/equation_editorMicrosoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016
Patches
🔴Vulnerability Details
2GHSA▶
GHSA-46h4-jx96-qcqj: Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo↗2022-05-13
CVEList▶
CVE-2018-0845: Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remo↗2018-01-22