Description
Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.
Below is a complete list of vulnerabilities:
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted email to execute arbitrary code.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to gain privileges.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Skype for Business can be exploited remotely via specially designed e-mail to cause denial of service.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
- A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Project can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
- A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to obtain sensitive information.
- A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
Original advisories
- CVE-2018-8558
- CVE-2018-8576
- CVE-2018-8568
- CVE-2018-8572
- CVE-2018-8522
- CVE-2018-8539
- CVE-2018-8546
- CVE-2018-8579
- CVE-2018-8573
- CVE-2018-8575
- CVE-2018-8574
- CVE-2018-8524
- CVE-2018-8578
- CVE-2018-8577
Exploitation
Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.
Related products
- Microsoft-Lync
- Microsoft-Office-Access
- Microsoft-Office-PowerPoint
- Microsoft-Office-Visio-2007
- Microsoft-Office-Visio
- Microsoft-Office-Professional-Plus-2010
- Microsoft-Office
- Microsoft-Outlook
- Microsoft-Excel
CVE list
- CVE-2018-8582 critical
- CVE-2018-8558 warning
- CVE-2018-8576 critical
- CVE-2018-8568 warning
- CVE-2018-8572 warning
- CVE-2018-8522 critical
- CVE-2018-8539 critical
- CVE-2018-8546 warning
- CVE-2018-8579 warning
- CVE-2018-8573 critical
- CVE-2018-8575 critical
- CVE-2018-8574 critical
- CVE-2018-8524 critical
- CVE-2018-8578 warning
- CVE-2018-8577 critical
KB list
- 4461486
- 4461506
- 4461529
- 4461501
- 4461483
- 4461513
- 4461511
- 4461520
- 3114565
- 4461527
- 4461473
- 4461487
- 4461504
- 4461485
- 4461524
- 4461526
- 4461489
- 4461478
- 4022147
- 4461503
- 4011190
- 4032218
- 4461519
- 4092473
- 4022232
- 4461530
- 4461488
- 4461518
- 4022237
Read more
Find out the statistics of the vulnerabilities spreading in your region on statistics.securelist.com
Found an inaccuracy in the description of this vulnerability? Let us know!