Main
Vulnerability Database
Exploits
ID:4842 - Exploit for Memory corruption in Microsoft Office and Microsoft Word - CVE-2018-0802
ID:4842 - Exploit for Memory corruption in Microsoft Office and Microsoft Word - CVE-2018-0802
Published: November 17, 2020
Vulnerability identifier: #VU9896
Vulnerability risk: Critical
CVE-ID: CVE-2018-0802
CWE-ID: CWE-119
Exploitation vector: Remote access
Vulnerable software:
Microsoft Office
Microsoft Word
Microsoft Office
Microsoft Word
Link to public exploit:
Vulnerability description
The vulnerability allows a remote attacker to execute arbitrary code on the target system.
The vulnerability exists due to a boundary error when processing Microsoft Word documents. A remote attacker can create a specially crafted Word document, trick the victim into opening it and execute arbitrary code on the target system with privileges of the current user.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad software.
Note: the vulnerability is being exploited in the wild.
The vulnerability exists due to a boundary error when processing Microsoft Word documents. A remote attacker can create a specially crafted Word document, trick the victim into opening it and execute arbitrary code on the target system with privileges of the current user.
Exploitation of the vulnerability requires that a user open a specially crafted file with an affected version of Microsoft Office or Microsoft WordPad software.
Note: the vulnerability is being exploited in the wild.
Remediation
Install updates from vendor's website.