Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way RTF content is handled, aka "Microsoft Word Memory Corruption Vulnerability".
References
Link | Resource |
---|---|
http://www.securityfocus.com/bid/102406 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1040153 | Third Party Advisory VDB Entry |
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0797 | Patch Vendor Advisory |
Configurations
Configuration 1 (hide)
|
History
No history.
Information
Published : 2018-01-10 01:29
Updated : 2024-02-28 16:04
NVD link : CVE-2018-0797
Mitre link : CVE-2018-0797
CVE.ORG link : CVE-2018-0797
JSON object : View
Products Affected
microsoft
- word
- sharepoint_server
- word_viewer
- office_web_apps_server
- office_compatibility_pack
- office_web_apps
- sharepoint_enterprise_server
- office_online_server
- office
CWE
CWE-787
Out-of-bounds Write