CVE-2018-8161

Summary

A remote code execution vulnerability exists in Microsoft Office software when the software fails to properly handle objects in memory, aka "Microsoft Office Remote Code Execution Vulnerability." This affects Microsoft Word, Word, Microsoft Office, Microsoft SharePoint. This CVE ID is unique from CVE-2018-8157, CVE-2018-8158.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Word2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Word2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Word2013 RT Service Pack 1affected
MicrosoftMicrosoft Word2013 Service Pack 1 (32-bit editions)affected
MicrosoftMicrosoft Word2013 Service Pack 1 (64-bit editions)affected
MicrosoftMicrosoft Word2016 (32-bit edition)affected
MicrosoftMicrosoft Word2016 (64-bit edition)affected
MicrosoftWordAutomation Services on Microsoft SharePoint Server 2010 Service Pack 2affected
MicrosoftWordAutomation Services on Microsoft SharePoint Server 2013 Service Pack 1affected
MicrosoftMicrosoft Office2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Office2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft OfficeWeb Apps 2010 Service Pack 2affected
MicrosoftMicrosoft OfficeWeb Apps Server 2013 Service Pack 1affected
MicrosoftMicrosoft SharePointEnterprise Server 2016affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References