CVE-2018-8245

Опубликовано: 14 июн. 2018

Источник: nvd

CVSS3: 7.8

CVSS2: 6.8

EPSS Средний

Описание

A remote code execution vulnerability exists when Microsoft Publisher fails to utilize features that lock down the Local Machine zone when instantiating OLE objects, aka "Microsoft Publisher Remote Code Execution Vulnerability." This affects Microsoft Publisher.

Ссылки

http://www.securityfocus.com/bid/104405
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041105
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245
Patch
Vendor Advisory
http://www.securityfocus.com/bid/104405
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1041105
Third Party Advisory
VDB Entry
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8245
Patch
Vendor Advisory

Уязвимые конфигурации

Конфигурация 1

cpe:2.3:a:microsoft:publisher:2010:sp2:*:*:*:*:*:*

EPSS

Процентиль: 97%

0.33533

Средний

7.8 High

CVSS3

6.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

CVE-2018-8245

msrc

около 7 лет назад

Microsoft Publisher Remote Code Execution Vulnerability

GHSA-v2hp-7464-6hp5