Kaspersky ID:
KLA11349
検出日:
11/13/2018
更新日:
07/07/2026

説明

Multiple serious vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, gain privileges, cause denial of service.

Below is a complete list of vulnerabilities:

  1. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted email to execute arbitrary code.
  2. A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
  3. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
  4. A vulnerability in Microsoft SharePoint can be exploited remotely via specially crafted web request to gain privileges.
  5. A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to gain privileges.
  6. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
  7. A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
  8. A vulnerability in Microsoft Skype for Business can be exploited remotely via specially designed e-mail to cause denial of service.
  9. A vulnerability in Microsoft Outlook can be exploited remotely via specially designed e-mail to obtain sensitive information.
  10. A vulnerability in Microsoft Word can be exploited remotely via specially crafted file to execute arbitrary code.
  11. A vulnerability in Microsoft Project can be exploited remotely via specially crafted file to execute arbitrary code.
  12. A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.
  13. A vulnerability in Microsoft Outlook can be exploited remotely via specially crafted file to execute arbitrary code.
  14. A vulnerability in Microsoft SharePoint can be exploited remotely via specially designed request to obtain sensitive information.
  15. A vulnerability in Microsoft Excel can be exploited remotely via specially crafted file to execute arbitrary code.

オリジナルアドバイザリー

エクスプロイテーション

Malware exists for this vulnerability. Usually such malware is classified as Exploit. More details.

CVEリスト

  • CVE-2018-8582
    critical
  • CVE-2018-8558
    high
  • CVE-2018-8576
    critical
  • CVE-2018-8568
    high
  • CVE-2018-8572
    high
  • CVE-2018-8522
    critical
  • CVE-2018-8539
    critical
  • CVE-2018-8546
    high
  • CVE-2018-8579
    high
  • CVE-2018-8573
    critical
  • CVE-2018-8575
    critical
  • CVE-2018-8574
    critical
  • CVE-2018-8524
    critical
  • CVE-2018-8578
    warning
  • CVE-2018-8577
    critical

KBリスト

も参照してください

お住まいの地域に広がる脆弱性の統計をご覧ください statistics.securelist.com

この脆弱性についての記述に不正確な点がありますか? お知らせください!
Kaspersky IT Security Calculator
も参照してください
新しいカスペルスキー
あなたのデジタルライフを守る
も参照してください
Do you want to save your changes?
Your message has been sent successfully.