CVE-2018-8582
published 2018-11-14CVE-2018-8582: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code…
PriorityP357high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
18.59%
96.9th percentile
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8576.
Affected
24 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_office | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | microsoft_outlook | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | office | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook | — | — |
| microsoft | outlook_rt | — | — |
| msrc | microsoft_office_2019_for_32-bit_editions | — | — |
| msrc | microsoft_office_2019_for_64-bit_editions | — | — |
| msrc | microsoft_outlook_2010_service_pack_2 | — | — |
| msrc | microsoft_outlook_2013_rt_service_pack_1 | — | — |
| msrc | microsoft_outlook_2013_service_pack_1 | — | — |
| msrc | microsoft_outlook_2016 | — | — |
| msrc | office_365_proplus_for_32-bit_systems | — | — |
| msrc | office_365_proplus_for_64-bit_systems | — | — |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-hx45-wg8j-h8p8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8576 [HIGH] GHSA-hx45-wg8j-h8p8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8582.
GHSA
GHSA-3p5h-mwh8-3wx4: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Rem
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8582 [HIGH] GHSA-3p5h-mwh8-3wx4: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Rem
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8576.
GHSA
GHSA-58vr-hgh9-9hw8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8524 [HIGH] GHSA-58vr-hgh9-9hw8: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8576, CVE-2018-8582.
GHSA
GHSA-2h32-xchg-737h: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
ghsa_unreviewed·2022-05-13·CVSS 7.8
CVE-2018-8522 [HIGH] GHSA-2h32-xchg-737h: A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook
A remote code execution vulnerability exists in Microsoft Outlook software when it fails to properly handle objects in memory, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8524, CVE-2018-8576, CVE-2018-8582.
Microsoft
Microsoft Outlook Remote Code Execution Vulnerability
vendor_msrc·2018-11-13·CVSS 8.8
CVE-2018-8582 [HIGH] Microsoft Outlook Remote Code Execution Vulnerability
Microsoft Outlook Remote Code Execution Vulnerability
Description: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files.
An attacker who successfully exploited this vulnerability could take control of an affected system. An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights. Users whose accounts are configured to have fewer user rights on the system could be less impacted than users who operate with administrative user rights. Systems such as workstations and terminal servers where Microsoft Outlook is used are at risk. Servers could be at more risk if administrators allow users to log on to servers and to run programs. However, best practices strongly discou
No detection rules found.
No public exploits indexed.
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
# Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro
2018/11/14
Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday. This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589, another Win32k Elevation of Privilege Vulnerability that is similar to October’s CVE-2018-8453, which allows an attacker to make use of specially craf
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits y vulnerabilidades
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of special
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Ausnutzung von Schwachstellen
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speci
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Sfruttamento vulnerabilità
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speciall
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro Nov 14, 2018 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of speciall
Trendmicro
Patch Tuesday Fixes Zero-Day Win32k Bug
blogs_trendmicro·2018-11-14·CVSS 7.8
CVE-2018-8589 [HIGH] Patch Tuesday Fixes Zero-Day Win32k Bug
Exploits & Vulnerabilities
## Patch Tuesday Fixes Zero-Day Win32k Bug
This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability (CVE-2018-8589) that is already being used in malicious attacks.
By: Trend Micro 2018/11/14 Read time: ( words)
Save to Folio
As the year comes to a close, updates for both Microsoft and Adobe products and services are still ongoing via Patch Tuesday . This month’s round of updates, which fixes 63 bugs, includes a patch for a zero-day vulnerability that is already being used in malicious attacks. Perhaps the most notable vulnerability addressed this month is CVE-2018-8589 , another Win32k Elevation of Privilege Vulnerability that is similar to October ’s CVE-2018-8453 , which allows an attacker to make use of specially
Fortinet
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
blogs_fortinet·2018-11-13·CVSS 7.8
[HIGH] Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
FORTIGUARD LABS THREAT RESEARCH
Patch Your Microsoft Outlook: Fortinet Discovered Four Outlook Remote Code Execution Vulnerabilities
By Yonghui Han | November 13, 2018
FortiGuard Labs Breaking Threat Research
This Patch Tuesday, November 13, 2018, Microsoft patched six vulnerabilities discovered in Microsoft Outlook. Four of them were discovered and reported on by Fortinet researcher Yonghui Han by following Fortinet’s responsible disclosure process. The CVE numbers assigned to them are CVE-2018-8522, CVE-2018-8524, CVE-2018-8576 and CVE-2018-8582. All Microsoft Outlook versions from 2010 to 2019 are affected. All of four of these vulnerabilities could lead to remote code execution and have been given an Important rating by Microsoft. In this post we will provide more details on these
http://www.securityfocus.com/bid/105825http://www.securitytracker.com/id/1042110https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582http://www.securityfocus.com/bid/105825http://www.securitytracker.com/id/1042110https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8582
2018-11-14
Published