cbcvebase.
CVE-2018-8582
published 2018-11-14

CVE-2018-8582: A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code…

PriorityP357high8.8CVSS 3.0
AVNACLPRNUIRSUCHIHAH
EPSS
18.59%
96.9th percentile
A remote code execution vulnerability exists in the way that Microsoft Outlook parses specially modified rule export files, aka "Microsoft Outlook Remote Code Execution Vulnerability." This affects Office 365 ProPlus, Microsoft Office, Microsoft Outlook. This CVE ID is unique from CVE-2018-8522, CVE-2018-8524, CVE-2018-8576.

Affected

24 ranges
VendorProductVersion rangeFixed in
microsoftmicrosoft_office
microsoftmicrosoft_office
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftmicrosoft_outlook
microsoftoffice
microsoftoffice
microsoftoffice
microsoftoutlook
microsoftoutlook
microsoftoutlook
microsoftoutlook_rt
msrcmicrosoft_office_2019_for_32-bit_editions
msrcmicrosoft_office_2019_for_64-bit_editions
msrcmicrosoft_outlook_2010_service_pack_2
msrcmicrosoft_outlook_2013_rt_service_pack_1
msrcmicrosoft_outlook_2013_service_pack_1
msrcmicrosoft_outlook_2016
msrcoffice_365_proplus_for_32-bit_systems
msrcoffice_365_proplus_for_64-bit_systems

CVSS provenance

nvdv3.08.8HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
nvdv2.09.3CRITICALAV:N/AC:M/Au:N/C:C/I:C/A:C
vendor_msrc8.8HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.