Vulnerability Name: CVE-2018-0922 (CCN-139685)
Assigned: 2017-12-01
Published: 2018-03-13
Updated: 2020-08-24
Summary: Microsoft Office 2010 SP2, 2013 SP1, and 2016, Microsoft Office 2016 Click-to-Run, Microsoft Office 2016 for Mac, Microsoft Office Compatibility Pack SP2, Microsoft Office Web Apps 2010 SP2, Microsoft Office Web Apps 2013 SP1, Microsoft Office Word Viewer, Microsoft SharePoint Enterprise Server 2013 SP1, Microsoft SharePoint Enterprise Server 2016, Microsoft Office Compatibility Pack SP2, Microsoft Online Server 2016, Microsoft SharePoint Server 2010 SP2, Microsoft Word 2007 SP3, Microsoft Word 2010 SP2, Word 2013 and Microsoft Word 2016 allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Office Memory Corruption Vulnerability".

CVSS v3 Severity:
  7.8 High (CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
  6.8 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
    Exploitability Metrics:
      Attack Vector (AV): Local
      Attack Complexity (AC): Low
      Privileges Required (PR): None
      User Interaction (UI): Required
    Scope:
      Scope (S): Unchanged
    Impact Metrics:
      Confidentiality (C): High
      Integrity (I): High
      Availability (A): High

  7.8 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H)
  6.8 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H/E:U/RL:O/RC:C)
    Exploitability Metrics:
      Attack Vector (AV): Local
      Attack Complexity (AC): Low
      Privileges Required (PR): None
      User Interaction (UI): Required
    Scope:
      Scope (S): Unchanged
    Impact Metrics:
      Confidentiality (C): High
      Integrity (I): High
      Availability (A): High

CVSS v2 Severity:
  9.3 High (CVSS v2 Vector: AV:N/AC:M/Au:N/C:C/I:C/A:C)
    Exploitability Metrics:
      Access Vector (AV): Network
      Access Complexity (AC): Medium
      Authentication (Au): None
    Impact Metrics:
      Confidentiality (C): Complete
      Integrity (I): Complete
      Availability (A): Complete

  6.8 Medium (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:C/I:C/A:C)
    Exploitability Metrics:
      Access Vector (AV): Local
      Access Complexity (AC): Low
      Authentication (Au): Single_Instance
    Impact Metrics:
      Confidentiality (C): Complete
      Integrity (I): Complete
      Availability (A): Complete

Vulnerability Type: CWE-787
Vulnerability Consequences: Gain Access

References:
  Source: MITRE
  Type: CNA
  CVE-2018-0922

  Source: BID
  Type: Third Party Advisory, VDB Entry
  103314

  Source: CCN
  Type: BID-103314
  Microsoft Office CVE-2018-0922 Memory Corruption Vulnerability

  Source: SECTRACK
  Type: Third Party Advisory, VDB Entry
  1040511

  Source: XF
  Type: UNKNOWN
  ms-office-cve20180922-code-exec(139685)

  Source: CCN
  Type: Microsoft Security TechCenter - March 2018
  Microsoft Office Memory Corruption Vulnerability

  Source: CONFIRM
  Type: Patch, Vendor Advisory
  https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0922

Vulnerable Configuration:
  Configuration 1:
    cpe:/a:microsoft:office:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:office:2013:sp1:*:*:*:*:*:* OR
    cpe:/a:microsoft:office:2016:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:office:2016:*:*:*:*:mac:*:* OR
    cpe:/a:microsoft:office:2016:*:*:*:click-to-run:*:*:* OR
    cpe:/a:microsoft:office_compatibility_pack:-:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_online_server:2016:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_word_viewer:-:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:* OR
    cpe:/a:microsoft:sharepoint_enterprise_server:2016:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:* OR
    cpe:/a:microsoft:word:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:word:2013:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:word:2016:*:*:*:*:*:*:*

  Configuration CCN 1:
    cpe:/a:microsoft:word_viewer:*:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_compatibility_pack:*:sp3:*:*:*:*:*:* OR
    cpe:/a:microsoft:word:2007:sp3:*:*:*:*:*:* OR
    cpe:/a:microsoft:sharepoint_server:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:office:2010:sp2:*:*:*:*:x64:* OR
    cpe:/a:microsoft:office:2010:sp2:x32:*:*:*:*:* OR
    cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x32:* OR
    cpe:/a:microsoft:word:2010:sp2:*:*:*:*:x64:* OR
    cpe:/a:microsoft:office_web_apps:2010:sp2:*:*:*:*:*:* OR
    cpe:/a:microsoft:office_web_apps:2013:sp1:*:*:*:*:*:* OR
    cpe:/a:microsoft:excel:2013:sp1:*:*:rt:*:*:* OR
    cpe:/a:microsoft:word:2013:sp1:*:*:rt:*:*:* OR
    cpe:/a:microsoft:office_online_server:2016:*:*:*:*:*:*:* OR
    cpe:/a:microsoft:sharepoint_enterprise_server:2013:sp1:*:*:*:*:*:*

microsoft office 2010 sp2
microsoft office 2013 sp1
microsoft office 2016
microsoft office 2016
microsoft office 2016
microsoft office compatibility pack - sp2
microsoft office online server 2016
microsoft office web apps 2010 sp2
microsoft office web apps 2013 sp1
microsoft office word viewer -
microsoft sharepoint enterprise server 2013 sp1
microsoft sharepoint enterprise server 2016
microsoft sharepoint server 2010 sp2
microsoft word 2007 sp3
microsoft word 2010 sp2
microsoft word 2013
microsoft word 2016
microsoft word viewer *
microsoft office compatibility pack * sp3
microsoft word 2007 sp3
microsoft sharepoint server 2010 sp2
microsoft office 2010 sp2
microsoft office 2010 sp2
microsoft word 2010 sp2
microsoft word 2010 sp2
microsoft office web apps 2010 sp2
microsoft office web apps 2013 sp1
microsoft excel 2013 sp1
microsoft word 2013 sp1
microsoft office online server 2016
microsoft sharepoint enterprise server 2013 sp1