ID |
CVE-2018-8501
|
Summary |
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in Protected View, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Office 365 ProPlus, PowerPoint Viewer, Microsoft Office, Microsoft PowerPoint. |
References |
|
Vulnerable Configurations |
-
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2010:sp2:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:office:2013:sp1:*:*:rt:*:*:*
-
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2016:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office:2019:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:office_365_proplus:-:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2010:sp2:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:*
cpe:2.3:a:microsoft:powerpoint:2013:sp1:*:*:rt:*:*:*
-
cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*
cpe:2.3:a:microsoft:powerpoint:2016:*:*:*:*:*:*:*
-
cpe:2.3:a:microsoft:powerpoint_viewer:2012:*:*:*:*:*:x86:*
cpe:2.3:a:microsoft:powerpoint_viewer:2012:*:*:*:*:*:x86:*
|
CVSS |
Base: | 9.3 (as of 03-10-2019 - 00:03) |
Impact: | |
Exploitability: | |
|
CWE |
NVD-CWE-noinfo |
CAPEC |
|
Access |
Vector | Complexity | Authentication |
NETWORK |
MEDIUM |
NONE |
|
Impact |
Confidentiality | Integrity | Availability |
COMPLETE |
COMPLETE |
COMPLETE |
|
cvss-vector
via4
|
AV:N/AC:M/Au:N/C:C/I:C/A:C
|
refmap
via4
|
|
Last major update |
03-10-2019 - 00:03 |
Published |
10-10-2018 - 13:29 |
Last modified |
03-10-2019 - 00:03 |