CVSS: 9.3EPSS: 4%CPEs: 5EXPL: 0CVE-2018-0792
https://notcve.org/view.php?id=CVE-2018-0792
Microsoft Word 2016 in Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Remote Code Execution Vulnerability". This CVE is unique from CVE-2018-0794. Microsoft Word 2016 en Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Word Remote Code Execution Vulnerability". Este CVE es diferente de CVE-2018-0794. • http://www.securityfocus.com/bid/102381 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0792 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 96%CPEs: 11EXPL: 3CVE-2018-0802 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2018-0802
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allow a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". This CVE is unique from CVE-2018-0797 and CVE-2018-0812. Equation Editor en Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". Este CVE es diferente de CVE-2018-0797 y CVE-2018-0812. • https://github.com/rxwx/CVE-2018-0802 https://github.com/roninAPT/CVE-2018-0802 http://www.securityfocus.com/bid/102347 http://www.securitytracker.com/id/1040153 https://0patch.blogspot.com/2018/01/the-bug-that-killed-equation-editor-how.html https://github.com/zldww2011/CVE-2018-0802_POC https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0802 https://research.checkpoint.com/another-office-equation-rce-vulnerability • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 9%CPEs: 11EXPL: 0CVE-2018-0812
https://notcve.org/view.php?id=CVE-2018-0812
Equation Editor in Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Word Memory Corruption Vulnerability". Equation Editor en Microsoft Office 2003, Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Word Memory Corruption Vulnerability". • http://www.securityfocus.com/bid/102463 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0812 • CWE-787: Out-of-bounds Write •
CVSS: 9.3EPSS: 90%CPEs: 11EXPL: 1CVE-2018-0798 – Microsoft Office Memory Corruption Vulnerability
https://notcve.org/view.php?id=CVE-2018-0798
Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability". Equation Editor en Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013 y Microsoft Office 2016 permite una vulnerabilidad de ejecución remota de código debido a la forma en la que se gestionan los objetos en la memoria. Esto también se conoce como "Microsoft Office Memory Corruption Vulnerability". Microsoft Office contains a memory corruption vulnerability due to the way objects are handled in memory. Successful exploitation allows for remote code execution in the context of the current user. • https://github.com/Sunqiz/CVE-2018-0798-reproduction http://www.securityfocus.com/bid/102370 http://www.securitytracker.com/id/1040153 https://0patch.blogspot.com/2018/01/bringing-abandoned-equation-editor-back.html https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0798 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2018-0819
https://notcve.org/view.php?id=CVE-2018-0819
Microsoft Office 2016 for Mac allows an attacker to send a specially crafted email attachment to a user in an attempt to launch a social engineering attack, such as phishing, due to how Outlook for Mac displays encoded email addresses, aka "Spoofing Vulnerability in Microsoft Office for Mac." Microsoft Office 2016 para Mac permite que un atacante envíe un archivo adjunto de email especialmente manipulado a un usuario, para intentar desencadenar un ataque de ingeniería social, como el phishing, debido a la forma en la que Outlook para Mac muestra direcciones de email codificadas. Esto también se conoce como "Spoofing Vulnerability in Microsoft Office for Mac." • http://www.securityfocus.com/bid/102464 http://www.securitytracker.com/id/1040153 https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0819 •