PT-2018-18510 · Microsoft · Office Publisher

Eduardo Braun Prado

Published

2018-06-12

Updated

2020-08-24

CVE-2018-8245

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Microsoft Publisher (affected versions not specified)

Description A remote code execution issue exists due to Microsoft Publisher's failure to properly lock down the Local Machine zone when instantiating OLE objects. This could allow an attacker to execute arbitrary code in the Local Machine zone.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

CVE-2018-8245

Affected Products

Office Publisher

PT-2018-18510 · Microsoft · Office Publisher

CVE-2018-8245

Related Identifiers

Affected Products

References · 6