1. CVE-Search
  2. CVE-2018-8432
ID CVE-2018-8432
Summary A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.
References
Vulnerable Configurations
  • cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:excel_viewer:2007:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2016:*:mac_os:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2016:*:mac_os:*:*:*:*:*
  • cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
    cpe:2.3:a:microsoft:office_compatibility_pack:-:sp3:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:powerpoint_viewer:2007:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:powerpoint_viewer:2007:*:*:*:*:*:*:*
  • cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
    cpe:2.3:a:microsoft:word_viewer:-:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_10:1809:*:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_7:-:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:-:sp2:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2008:r2:sp1:*:*:*:*:*:*
  • cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
    cpe:2.3:o:microsoft:windows_server_2019:-:*:*:*:*:*:*:*
CVSS
Base: 9.3 (as of 24-08-2020 - 17:37)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
COMPLETE COMPLETE COMPLETE
cvss-vector via4 AV:N/AC:M/Au:N/C:C/I:C/A:C
refmap via4
bid 105458
confirm https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8432
sectrack 1041823
Last major update 24-08-2020 - 17:37
Published 10-10-2018 - 13:29
Last modified 24-08-2020 - 17:37
Back to Top