PT-2018-18510 · Microsoft · Office Publisher

Eduardo Braun Prado

Publicado

2018-06-12

Atualizado

2020-08-24

CVE-2018-8245

CVSS v3.1

7.8

Alta

Vetor

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Publisher (affected versions not specified)

Description A remote code execution issue exists due to Microsoft Publisher's failure to properly lock down the Local Machine zone when instantiating OLE objects. This could allow an attacker to execute arbitrary code in the Local Machine zone.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Identificadores relacionados

CVE-2018-8245

Produtos afetados

Office Publisher

PT-2018-18510 · Microsoft · Office Publisher

CVE-2018-8245

Identificadores relacionados

Produtos afetados

Referências · 6