Vulnerability Details CVE-2018-1028
A remote code execution vulnerability exists when the Office graphics component improperly handles specially crafted embedded fonts, aka "Microsoft Office Graphics Remote Code Execution Vulnerability." This affects Word, Microsoft Office, Microsoft SharePoint, Excel, Microsoft SharePoint Server.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.357
EPSS Ranking 96.9%
CVSS Severity
CVSS v3 Score 8.8
CVSS v2 Score 9.3
References
- http://www.securityfocus.com/bid/103641
- http://www.securitytracker.com/id/1040654
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028
- http://www.securityfocus.com/bid/103641
- http://www.securitytracker.com/id/1040654
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-1028
Products affected by CVE-2018-1028
-
cpe:2.3:a:microsoft:excel_services:-
-
cpe:2.3:a:microsoft:office:2013
-
cpe:2.3:a:microsoft:office:2013_rt
-
cpe:2.3:a:microsoft:office:2016
-
cpe:2.3:a:microsoft:office_2010:*
-
cpe:2.3:a:microsoft:office_web_apps:2010
-
cpe:2.3:a:microsoft:office_web_apps:2013
-
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2013
-
cpe:2.3:a:microsoft:sharepoint_enterprise_server:2016
-
cpe:2.3:a:microsoft:word_automation_services:-