Vulnerability Details CVE-2018-0903
Microsoft Access 2010 SP2, Microsoft Access 2013 SP1, Microsoft Access 2016, and Microsoft Office 2016 Click-to-Run allow a remote code execution vulnerability due to how objects are handled in memory, aka "Microsoft Access Remote Code Execution Vulnerability".
Exploit prediction scoring system (EPSS) score
EPSS Score 0.174
EPSS Ranking 94.6%
CVSS Severity
CVSS v3 Score 7.8
CVSS v2 Score 6.8
References
- http://www.securityfocus.com/bid/103315
- http://www.securitytracker.com/id/1040503
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0903
- http://www.securityfocus.com/bid/103315
- http://www.securitytracker.com/id/1040503
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-0903
Products affected by CVE-2018-0903
-
cpe:2.3:a:microsoft:access:2010
-
cpe:2.3:a:microsoft:access:2013
-
cpe:2.3:a:microsoft:access:2016
-
cpe:2.3:a:microsoft:office:2016