BDU:2018-00514
Scores
EPSS
Percentile: 0.0%
CVSS
CVSS Score: 7.8/10
All CVSS Scores
Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Local (L)
Describes how the vulnerability is exploited
Attack Complexity
Low (L)
Describes the conditions beyond the attacker's control
Privileges Required
None (N)
Describes the level of privileges an attacker must possess
User Interaction
Required (R)
Captures the requirement for a human user participation
Scope
Unchanged (U)
Determines if a successful attack impacts components beyond the vulnerable component
Confidentiality Impact
High (H)
Measures the impact to the confidentiality of information
Integrity Impact
High (H)
Measures the impact to integrity of a successfully exploited vulnerability
Availability Impact
High (H)
Measures the impact to the availability of the impacted component
Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C
Vector Breakdown
CVSS (Common Vulnerability Scoring System) vector provides detailed metrics about vulnerability characteristics
CVSS
Attack Vector
Network (N)
Describes how the vulnerability is exploited
Attack Complexity
Medium
Describes the conditions beyond the attacker's control
Authentication
None (N)
Describes the level of privileges an attacker must possess
Confidentiality Impact
Complete
Measures the impact to the confidentiality of information
Integrity Impact
Complete
Measures the impact to integrity of a successfully exploited vulnerability
Availability Impact
Complete
Measures the impact to the availability of the impacted component
Description
Уязвимость пакета программ Microsoft Office вызвана выходом операции за границы буфера в памяти. Эксплуатация уязвимости может позволить нарушителю, действующему удалённо, выполнить произвольный код с помощью специально сформированного RTF-документа
Scaner-VS 7 — a modern vulnerability management solution
Sources
Related Vulnerabilities
Reference Links
Recommendations
Source: bdu
Использование рекомендаций: https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0797
Vulnerable Software (113)
Type: Configuration
Vendor: microsoft corp
Product: microsoft office 2010 service pack 2
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office 2016
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office compatibility pack service pack 3
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office web apps 2010
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office web apps 2010 service pack 2
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office web apps server 2013 service pack 1
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft office word viewer
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft sharepoint enterprise server
Operating System: * *
{ "version_exact": "2013 SP1"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft sharepoint enterprise server 2016
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft sharepoint server
Operating System: * *
{ "version_exact": "2010 SP2"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft word 2003 service pack 3
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft word 2010 service pack 2
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft word 2013 rt service pack 1
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft word 2013 service pack 1
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: microsoft word 2016
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Configuration
Vendor: microsoft corp
Product: office online server
Operating System: * *
{ "version_exact": "*"}
Source: bdu
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475534
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011615
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4504705
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493215
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493145
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493178
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493183
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493142
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486697
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486704
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486740
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486738
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486703
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486701
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486660
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484528
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4486661
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484533
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484494
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484490
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484495
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484492
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484370
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484381
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484456
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484458
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484380
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484378
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484295
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484293
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484296
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484294
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484240
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475597
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475602
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4484237
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475601
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475598
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475533
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475530
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4493218
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4475531
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461619
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461611
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461621
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4462178
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461612
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461625
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461620
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461617
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4462112
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB2965312
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461526
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461524
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461520
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4461527
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4092439
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4092437
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4092481
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4227167
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4032215
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4092433
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4032220
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022202
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022200
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022197
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011026
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022203
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022135
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022141
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022142
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4022139
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018356
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018360
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018357
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018359
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018355
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011705
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011674
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011721
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4018309
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011709
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011673
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011023
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011651
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011659
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011657
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011607
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011643
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011658
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011022
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011642
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011609
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011579
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011641
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4011648
Source: msrc
Type: Windows KB
Vendor: Microsoft
Product: Windows
Operating System: Windows
Identifier: KB4504701
Source: msrc