CVE-2018-8310

Summary

A tampering vulnerability exists when Microsoft Outlook does not properly handle specific attachment types when rendering HTML emails, aka "Microsoft Office Tampering Vulnerability." This affects Microsoft Word, Microsoft Office.

Affected Software

VendorProductVersion RangeStatus
MicrosoftMicrosoft Word2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Word2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Word2013 RT Service Pack 1affected
MicrosoftMicrosoft Word2013 Service Pack 1 (32-bit editions)affected
MicrosoftMicrosoft Word2013 Service Pack 1 (64-bit editions)affected
MicrosoftMicrosoft Word2016 (32-bit edition)affected
MicrosoftMicrosoft Word2016 (64-bit edition)affected
MicrosoftMicrosoft Office2010 Service Pack 2 (32-bit editions)affected
MicrosoftMicrosoft Office2010 Service Pack 2 (64-bit editions)affected
MicrosoftMicrosoft Office2016 Click-to-Run (C2R) for 32-bit editionsaffected
MicrosoftMicrosoft Office2016 Click-to-Run (C2R) for 64-bit editionsaffected

Weaknesses

  • Tampering

ADP Enrichment

CVE Program Container

Additional References

References