CVSS: 9.3EPSS: 29%CPEs: 4EXPL: 0CVE-2018-8158
https://notcve.org/view.php?id=CVE-2018-8158
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-8157, CVE-2018-8161. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Office cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Office Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/104049 http://www.securitytracker.com/id/1040853 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8158 •
CVSS: 9.3EPSS: 11%CPEs: 5EXPL: 0CVE-2018-8157 – Microsoft Office Graph Serialized Data Out-Of-Bounds Write Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2018-8157
A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Office. This CVE ID is unique from CVE-2018-8158, CVE-2018-8161. Existe una vulnerabilidad de ejecución remota de código en el software de Microsoft Office cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Office Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/104046 http://www.securitytracker.com/id/1040853 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8157 •
CVSS: 9.3EPSS: 29%CPEs: 8EXPL: 0CVE-2018-8147
https://notcve.org/view.php?id=CVE-2018-8147
A remote code execution vulnerability exists in Microsoft Excel software when the software fails to properly handle objects in memory, aka "Microsoft Excel Remote Code Execution Vulnerability." This affects Microsoft Office, Microsoft Excel. This CVE ID is unique from CVE-2018-8148, CVE-2018-8162. Existe una vulnerabilidad de ejecución remota de código en Microsoft Excel cuando no gestiona correctamente objetos en la memoria. Esto también se conoce como "Microsoft Excel Remote Code Execution Vulnerability". • http://www.securityfocus.com/bid/104035 http://www.securitytracker.com/id/1040857 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8147 •
CVSS: 6.5EPSS: 1%CPEs: 8EXPL: 0CVE-2018-0950
https://notcve.org/view.php?id=CVE-2018-0950
An information disclosure vulnerability exists when Office renders Rich Text Format (RTF) email messages containing OLE objects when a message is opened or previewed, aka "Microsoft Office Information Disclosure Vulnerability." This affects Microsoft Word, Microsoft Office. This CVE ID is unique from CVE-2018-1007. Existe una vulnerabilidad de divulgación de información cuando Office renderiza los mensajes de email en formato RTF (Rich Text Format) que contienen objetos OLE cuando se abre o previsualiza un mensaje. Esto también se conoce como "Microsoft Office Information Disclosure Vulnerability". • http://www.securityfocus.com/bid/103642 http://www.securitytracker.com/id/1040654 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0950 •
CVSS: 9.3EPSS: 8%CPEs: 17EXPL: 0CVE-2018-0922
https://notcve.org/view.php?id=CVE-2018-0922
Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Compatibility Pack SP2, Microsoft Online Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2007 SP3, Microsoft Word 2010 SP2, Word 2013 and Microsoft Word 2016 allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". Microsoft Office 2010 SP2, 2013 SP1 y 2016, Microsoft Office 2016 Click-to-Run, Microsoft Office 2016 para Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Compatibility Pack SP2, Microsoft Online Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2007 SP3, Microsoft Word 2010 SP2, Word 2013 y Microsoft Word 2016 permiten una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/103314 http://www.securitytracker.com/id/1040511 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0922 • CWE-787: Out-of-bounds Write •