CVE-2018-8376 - A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fail

CVE-2018-8376

Summary

A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft PowerPoint.

References

http://www.securityfocus.com/bid/104991
http://www.securitytracker.com/id/1041464
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376

Vulnerable Configurations

cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*

CVSS

Base:	9.3 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:

CWE

NVD-CWE-noinfo

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	MEDIUM	NONE

Impact

Confidentiality	Integrity	Availability
COMPLETE	COMPLETE	COMPLETE

cvss-vector via4

AV:N/AC:M/Au:N/C:C/I:C/A:C

refmap via4

bid	104991
confirm	https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8376
sectrack	1041464

Last major update

24-08-2020 - 17:37

Published

15-08-2018 - 17:29

Last modified

24-08-2020 - 17:37