CVE-2018-8432

Summary

A remote code execution vulnerability exists in the way that Microsoft Graphics Components handle objects in memory, aka "Microsoft Graphics Components Remote Code Execution Vulnerability." This affects Windows 7, Microsoft Office, Microsoft Office Word Viewer, Office 365 ProPlus, Microsoft Excel Viewer, Microsoft PowerPoint Viewer, Windows Server 2019, Windows Server 2008 R2, Windows 10, Windows Server 2008.

Affected Software

VendorProductVersion RangeStatus
MicrosoftWindows 732-bit Systems Service Pack 1affected
MicrosoftWindows 7x64-based Systems Service Pack 1affected
MicrosoftMicrosoft Office2016 for Macaffected
MicrosoftMicrosoft Office2019 for 32-bit editionsaffected
MicrosoftMicrosoft Office2019 for 64-bit editionsaffected
MicrosoftMicrosoft OfficeCompatibility Pack Service Pack 3affected
MicrosoftMicrosoft Office Word ViewerMicrosoft Office Word Vieweraffected
MicrosoftMicrosoft Excel Viewer2007 Service Pack 3affected
MicrosoftMicrosoft PowerPoint Viewer2007affected
MicrosoftWindows Server 2019(Server Core installation)affected
MicrosoftOffice365 ProPlus for 32-bit Systemsaffected
MicrosoftOffice365 ProPlus for 64-bit Systemsaffected
MicrosoftWindows Server 2008 R2Itanium-Based Systems Service Pack 1affected
MicrosoftWindows Server 2008 R2x64-based Systems Service Pack 1affected
MicrosoftWindows Server 2008 R2x64-based Systems Service Pack 1 (Server Core installation)affected
MicrosoftWindows 10Version 1809 for 32-bit Systemsaffected
MicrosoftWindows 10Version 1809 for x64-based Systemsaffected
MicrosoftWindows Server 200832-bit Systems Service Pack 2affected
MicrosoftWindows Server 200832-bit Systems Service Pack 2 (Server Core installation)affected
MicrosoftWindows Server 2008Itanium-Based Systems Service Pack 2affected
MicrosoftWindows Server 2008x64-based Systems Service Pack 2affected
MicrosoftWindows Server 2008x64-based Systems Service Pack 2 (Server Core installation)affected

Weaknesses

  • Remote Code Execution

ADP Enrichment

CVE Program Container

Additional References

References