CVE-2018-8576
published 2018-11-14CVE-2018-8576: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote…
PriorityP348high7.8CVSS 3.0
AVLACLPRNUIRSUCHIHAH
EPSS
19.06%
97.0th percentile
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8582.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook_rt | — | — |
| msrc | microsoft_office_2019_for_32-bit_editions | — | — |
| msrc | microsoft_office_2019_for_64-bit_editions | — | — |
| msrc | microsoft_outlook_2010_service_pack_2 | — | — |
| msrc | microsoft_outlook_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_outlook_2013_service_pack_1 | — | — |
| msrc | microsoft_outlook_2016 | — | — |
| msrc | office_365_proplus_for_32-bit_systems | — | — |
| msrc | office_365_proplus_for_64-bit_systems | — | — |
CVSS provenance
nvdv3.07.8HIGHCVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc7.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Microsoft
Microsoft Outlook Remote Code Execution Vulnerability
vendor_msrc·2018-11-13·CVSS 7.8
CVE-2018-8576 [HIGH] Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory. An attacker who successfully exploited the vulnerability could use a specially crafted file to perform actions in the security context of the current user. For example, the file could then take actions on behalf of the logged-on user with the same permissions as the current user.
To exploit the vulnerability, a user must open a specially crafted file with an affected version of Microsoft Outlook software. In an email attack scenario, an attacker could exploit the vulnerability by sending the specially crafted file to the user and convincing the user to open the file. In a web-based attack scenario,
GHSA
GHSA-hx45-wg8j-h8p8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8576 [HIGH] GHSA-hx45-wg8j-h8p8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8582.
GHSA
GHSA-3p5h-mwh8-3wx4: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Rem
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8582 [HIGH] GHSA-3p5h-mwh8-3wx4: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Rem
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8576.
GHSA
GHSA-58vr-hgh9-9hw8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8524 [HIGH] GHSA-58vr-hgh9-9hw8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8576, CVE-2018-8582.
GHSA
GHSA-2h32-xchg-737h: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8522 [HIGH] GHSA-2h32-xchg-737h: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8524, CVE-2018-8576, CVE-2018-8582.
No detection rules found.
No public exploits indexed.
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
# Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro
2018/11/14
Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday. This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589, another Win32k Elevation of Privilege Vulnerability that is similar to October’s CVE-2018-8453, which allows an attacker to make use of specially craf
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits y vulnerabilidades
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of special
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Ausnutzung von Schwachstellen
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speci
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Sfruttamento vulnerabilità
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speciall
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speciall
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro 2018/11/14 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of specially
Fortinet
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
blogs_fortinet·2018-11-13·CVSS 7.8
[HIGH] Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
FORTIGUARD LABS THREAT RESEARCH
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
By Yonghui Han | November 13, 2018
FortiGuard Labs Breaking Threat Research
This Patch Tuesday, November 13, 2018, Microsoft patched six vulnerabilities discovered in Microsoft Outlook. Four of them were discovered and reported on by Fortinet researcher Yonghui Han by following Fortinet’s responsible disclosure process. The CVE numbers assigned to them are CVE-2018-8522, CVE-2018-8524, CVE-2018-8576 and CVE-2018-8582. All Microsoft Outlook versions from 2010 to 2019 are affected. All of four of these vulnerabilities could lead to remote code execution and have been given an Important rating by Microsoft. In this post we will provide more details on these
http://www.securityfocus.com/bid/105822http://www.securitytracker.com/id/1042110https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8576http://www.securityfocus.com/bid/105822http://www.securitytracker.com/id/1042110https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8576
2018-11-14
Published