Equation Editor in Microsoft Office 2007, Microsoft Office 2010, Microsoft Office 2013, and Microsoft Office 2016 allows a remote code execution vulnerability due to the way objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".
References
Link | Resource |
---|---|
https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0798 | Patch Vendor Advisory |
http://www.securitytracker.com/id/1040153 | Third Party Advisory VDB Entry |
http://www.securityfocus.com/bid/102370 | Third Party Advisory VDB Entry |
https://0patch.blogspot.com/2018/01/bringing-abandoned-equation-editor-back.html | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Information
Published : 2018-01-09 17:29
Updated : 2020-08-24 10:37
NVD link : CVE-2018-0798
Mitre link : CVE-2018-0798
JSON object : View
CWE
CWE-787
Out-of-bounds Write
Products Affected
microsoft
- office_compatibility_pack
- word
- office