CVE-2018-1028
N/A
N/A
Summary
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| Microsoft | Word | Automation Services on Microsoft SharePoint Server 2010 Service Pack 2 | affected |
| Microsoft | Word | Automation Services on Microsoft SharePoint Server 2013 Service Pack 1 | affected |
| Microsoft | Microsoft Office | 2010 Service Pack 2 (32-bit editions) | affected |
| Microsoft | Microsoft Office | 2010 Service Pack 2 (64-bit editions) | affected |
| Microsoft | Microsoft Office | 2013 RT Service Pack 1 | affected |
| Microsoft | Microsoft Office | 2013 Service Pack 1 (32-bit editions) | affected |
| Microsoft | Microsoft Office | 2013 Service Pack 1 (64-bit editions) | affected |
| Microsoft | Microsoft Office | 2016 (32-bit edition) | affected |
| Microsoft | Microsoft Office | 2016 (64-bit edition) | affected |
| Microsoft | Microsoft Office | Web Apps 2010 Service Pack 2 | affected |
| Microsoft | Microsoft Office | Web Apps Server 2013 Service Pack 1 | affected |
| Microsoft | Microsoft SharePoint | Enterprise Server 2016 | affected |
| Microsoft | Excel | Services on Microsoft SharePoint Enterprise Server 2013 Service Pack 1 | affected |
| Microsoft | Microsoft SharePoint Server | 2013 Service Pack 1 | affected |
Weaknesses
- Remote Code Execution
ADP Enrichment
CVE Program Container
Additional References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028
- http://www.securitytracker.com/id/1040654
- http://www.securityfocus.com/bid/103641
References
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028
- http://www.securitytracker.com/id/1040654
- http://www.securityfocus.com/bid/103641
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.