Vulnerabilities > CVE-2018-8430 - Unspecified vulnerability in Microsoft Office and Word
Attack vector
LOCAL Attack complexity
LOW Privileges required
NONE Confidentiality impact
HIGH Integrity impact
HIGH Availability impact
HIGH Summary
A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file, aka "Word PDF Remote Code Execution Vulnerability." This affects Microsoft Word, Microsoft Office.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 4 |
Nessus
NASL family | Windows : Microsoft Bulletins |
NASL id | SMB_NT_MS18_SEP_WORD.NASL |
description | The Microsoft Word Products are missing a security update. It is, therefore, affected by the following vulnerability : - A remote code execution vulnerability exists in Microsoft Word if a user opens a specially crafted PDF file. An attacker who successfully exploited the vulnerability could cause arbitrary code to execute in the context of the current user. (CVE-2018-8430) |
last seen | 2020-06-01 |
modified | 2020-06-02 |
plugin id | 117426 |
published | 2018-09-11 |
reporter | This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof. |
source | https://www.tenable.com/plugins/nessus/117426 |
title | Security Updates for Microsoft Word Products (September 2018) |
References
- http://www.securityfocus.com/bid/105212
- http://www.securityfocus.com/bid/105212
- http://www.securitytracker.com/id/1041638
- http://www.securitytracker.com/id/1041638
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8430
- https://portal.msrc.microsoft.com/en-US/security-guidance/advisory/CVE-2018-8430