Descripción
Multiple vulnerabilities were found in Microsoft Office. Malicious users can exploit these vulnerabilities to execute arbitrary code, spoof user interface, bypass security restrictions, gain privileges.
Below is a complete list of vulnerabilities:
- A tampering vulnerability in Microsoft Office can be exploited remotely to spoof user interface.
- A remote code execution vulnerability in Microsoft Office can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Skype for Business and Microsoft Lync can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft Access can be exploited remotely to execute arbitrary code.
- An elevation of privilege vulnerability in Microsoft SharePoint can be exploited remotely to gain privileges.
- A security feature bypass vulnerability in Skype for Business and Lync can be exploited remotely to bypass security restrictions.
- A remote code execution vulnerability in Microsoft SharePoint can be exploited remotely to execute arbitrary code.
- A remote code execution vulnerability in Microsoft SharePoint Server can be exploited remotely to execute arbitrary code.
Notas informativas originales
- CVE-2018-8281
- CVE-2018-8311
- CVE-2018-8312
- CVE-2018-8323
- CVE-2018-8238
- CVE-2018-8300
- CVE-2018-8299
- CVE-2018-8284
Explotación
Public exploits exist for this vulnerability.
Productos relacionados
- Microsoft-Access
- Microsoft-Lync
- Microsoft-Office
- Microsoft-Excel
- Microsoft-Word
- Microsoft-SharePoint
Lista CVE
- CVE-2018-8310 critical
- CVE-2018-8281 critical
- CVE-2018-8311 critical
- CVE-2018-8312 critical
- CVE-2018-8323 high
- CVE-2018-8238 critical
- CVE-2018-8300 critical
- CVE-2018-8299 high
- CVE-2018-8284 critical
Lista KB
Leer más
Conozca las estadísticas de las vulnerabilidades que se propagan en su región statistics.securelist.com
¿Has encontrado algún error en la descripción de esta vulnerabilidad? ¡Háznoslo saber!