Vulnerability Description
A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerability." This affects Microsoft Office, Office 365 ProPlus, Microsoft PowerPoint, Microsoft SharePoint, Microsoft PowerPoint Viewer, Office Online Server, Microsoft SharePoint Server.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Microsoft | Office | 2016 |
| Microsoft | Office 365 Proplus | - |
| Microsoft | Office Compatibility Pack | - |
| Microsoft | Office Online Server | All versions |
| Microsoft | Office Web Apps | 2010 |
| Microsoft | Powerpoint | 2010 |
| Microsoft | Powerpoint Viewer | All versions |
| Microsoft | Sharepoint Enterprise Server | 2016 |
| Microsoft | Sharepoint Server | 2013 |
References
- http://www.securityfocus.com/bid/106104Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628PatchVendor Advisory
- http://www.securityfocus.com/bid/106104Third Party AdvisoryVDB Entry
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8628PatchVendor Advisory
FAQ
What is CVE-2018-8628?
CVE-2018-8628 is a vulnerability with a CVSS score of 7.8 (HIGH). A remote code execution vulnerability exists in Microsoft PowerPoint software when the software fails to properly handle objects in memory, aka "Microsoft PowerPoint Remote Code Execution Vulnerabilit...
How severe is CVE-2018-8628?
CVE-2018-8628 has been rated HIGH with a CVSS base score of 7.8/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2018-8628?
Check the references section above for vendor advisories and patch information. Affected products include: Microsoft Office, Microsoft Office 365 Proplus, Microsoft Office Compatibility Pack, Microsoft Office Online Server, Microsoft Office Web Apps.